I’m new to InSpec and while I read the documentation I’d like to know if someone can help to understand a few things. I’m focused on controls in AWS, more precisely controls for security group. I have been working in a pretty dynamic AWS environment, for me it wouldn’t work to have a list of static hosts, IPs or security groups ID but rather I’m trying to understand how to use a sort of wildcards or “variables”. For instance I’d like to put in place a control in which a target (source or destination) should be something like: 192.168.x.y/32:3306. I don’t care about last two octets as long as the address starts with 192.168 and the port hit is 3306. Other thing, I’d like to know if I can use regular expressions to describe my target (IP) letting me stay flexible in terms of audit. Examples are welcomed!!