JSON-Pattern Engine

A JSON-Object can be seen as a key-value store, able to describe complex models. The following diagram gives an overview of the most important JSON terms inspired by www.json.org.

JSON-Basics-Image

ACAI JSON-Pattern Concept

The principle of the ACAI JSON-Pattern Engine is based on the comparison of a JSON-Source with a JSON-Pattern.

JSON-Engine-Image

Basic Expressions

The syntax of the JSON-Pattern is in alignment with Amazon EventBridge > Create event patterns and the comparison operators:

Comparison	Example	Rule syntax	Matching source example
Equals	Name is "Alice"	`"Name": "Alice"` or `"Name": [ "Alice" ]`	`"Name": "Alice"`
And	Location is "New York" and Day is "Monday"	`"Location": "New York", <br/>"Day": "Monday"`	`"Location": "New York",<br/> "Day": "Monday"`
Or	PaymentType is "Credit"	`"PaymentType": [ "Credit", "Debit"]`	`"PaymentType": "Credit"`
Empty	LastName is empty	`"LastName": [""]`	`"LastName": ""`
"Nesting"	Customer.Name is "Alice"	`"Customer": JSON-Object`	`"Customer": { "Name": "Alice" }`
Mix	Location is "New York" and Day is "Monday" or "Tuesday"	`"Location": "New York", <br/> "Day": ["Monday", "Thuesday"]`	`"Location": "New York", "Day": "Monday"` or `"Location": "New York", "Day": "Tuesday"`

Logical Expressions

Additional Logical Expressions are supported. In this case, the JSON-Value is a JSON-Array of JSON-Objects:

Note

For the ACAI JSON-Engine the keys of the Pattern-JSON are case-insensitive to the Source-JSON.

Comparison	Comparator	Example	Logical Expression Syntax	Matching Source-JSON
Begins with	prefix	Region is in the US	`"Region": [ {"prefix": "us-" } ]`	`"Region": "us-east-1"`
Contains	contains	ServiceName contains 'database'	`"ServiceName": [<br/> {"contains": "database" }<br/>]`	`"serviceName": "employee-database-dev"`
Does not contain	contains-not	ServiceName does not contain 'database'	`"ServiceName": [<br/> {"contains-not": "database" }<br/>]`	`"serviceName": "employee-microservice-dev"`
Ends with	suffix	Service name ends with "-dev"	`"serviceName": [ {"suffix": "-dev" } ]`	`"ServiceName": "employee-database-dev"`
Not	anything-but	Weather is anything but "Raining"	`"Weather": [<br/> { "anything-but": "Raining" }<br/>]`	`"Weather": "Sunny"` or `"Weather": "Cloudy"`
Exists	exists	ProductName exists	`"ProductName": [ { "exists": true } ]`	`"ProductName": "SEMPER"`
Does not exist	exists	ProductName does not exist	`"ProductName": [ { "exists": false } ]`	n/a
Numeric	numeric	TCP-Port 22 affected	`"FromPort": [ { "numeric": [ "<=", 22 ] } ],"ToPort": [ { "numeric": [ ">=", 22 ] } ],`	`"FromPort": 22, "ToPort": 22`
REGEX match	regex-match	ServiceName matches regex pattern "^prefix-\w+-prod$"	`"ServiceName": [<br/> { "regex-match": "^prefix-\w+-prod$" }<br/>]`	`"ServiceName": "prefix-database-prod"`
REGEX not match	regex-not-match	ServiceName does not match regex pattern "^prefix-\w+-prod$"	`"ServiceName": [<br/> { "regex-not-match": "^prefix-\w+-prod$" }<br/>]`	`"ServiceName": "prefix-database-int"`

Pattern-JSON Examples

AND Expression

{
  "accountTags": {
    "confidentiality_level": "Internal"
  },
  "ouName": "Prod"
}

Result

Pattern-JSON will match to all Source-JSON where accountTags.confidentiality_level == "Internal" AND ouName == "Prod".

OR Expression

{
  "accountTags": {
    "environment": [
      "prod",
      "nonprod"
    ]
  }
}

Result

Pattern-JSON will match to all Source-JSON where accountTags.environment == "prod" OR accountTags.environment == "nonprod".

Logical Expression - Comparator "contains"

{
  "accountName": [
    {
      "contains": "_core-"
    }
  ]
}

Result

Pattern-JSON will match to all Source-JSON where account_context.accountName will contain "_core-".

Logical Expression - Comparator "exists"

{
  "accountTags": {
    "confidantiality_level": [
      {
        "exists": true
      }
    ]
  }
}

Result

Pattern-JSON will match to all Source-JSON where the JSON-Key accountTags.confidantiality_level is available.

Numerical Expression - Comparator "numeric"

{
  "SecurityGroupRule": {
    "FromPort": [ { "numeric": [ "<=", 22 ] } ],
    "ToPort": [ { "numeric": [ ">=", 22 ] } ],
    "IpProtocol": "tcp"
  }
}

Result

Pattern-JSON will match to all Source-JSON where the SecurityGroupRule.FromPort is <= 22 AND SecurityGroupRule.ToPort is >= 22 AND SecurityGroupRule.IpProtocol is "tcp".

Comparator "regex-*"

{
  "eventType": [{"regex-match": "^Aws"}]
}

Result

Pattern-JSON will match to the Source-JSON as the "eventType": "AwsApiCall" matches the pattern.

For regex expressions we recommend: www.autoregex.xyz