Query: network_firewall_unrestricted_outbound_rules_count

with outbound_fw as (
  select
    id
  from
    digitalocean_firewall,
    jsonb_array_elements(outbound_rules) as i
  where
    i -> 'destinations' -> 'addresses' = '["0.0.0.0/0","::/0"]'
    and i ->> 'protocol' <> 'icmp'
  group by
    id
)
select
  'Unrestricted Outbound (Excludes ICMP)' as label,
  count(*) as value,
  case
    when count(*) = 0 then 'ok'
    else 'alert'
  end as type
from
  outbound_fw;