added policy to check container insight enable or not for ecs

avd_docs/aws/ecs/AVD-AWS-0193/docs.md

@@ -0,0 +1,13 @@
+
+Ensure that ECS clusters have CloudWatch Container Insights feature enabled.
+
+### Impact
+<!-- Add Impact here -->
+
+<!-- DO NOT CHANGE -->
+{{ remediationActions }}
+
+### Links
+- https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/ContainerInsights.html
+
+

internal/rules/policies/cloud/policies/aws/ecs/enable_container_insight.rego

@@ -0,0 +1,25 @@
+# METADATA
+# title: "Container Insights Enabled"
+# description: "Ensure that ECS clusters have CloudWatch Container Insights feature enabled."
+# scope: package
+# schemas:
+# - input: schema.input
+# related_resources:
+# - https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/ContainerInsights.html
+# custom:
+#   avd_id: AVD-AWS-0193
+#   provider: aws
+#   service: ecs
+#   severity: LOW
+#   short_code: enable-container-insight
+#   recommended_action: "Enabled container insights feature for ECS clusters."
+#   input:
+#     selector:
+#     - type: cloud
+package builtin.aws.ecs.aws0193
+
+deny[res] {
+	cluster := input.aws.ecs.clusters[_]
+	not cluster.settings.containerinsightsenabled.value
+	res := result.new("Cluster does not have container insights enabled.",cluster.settings.containerinsightsenabled )
+}

internal/rules/policies/cloud/policies/aws/ecs/enable_container_insight_test.rego

@@ -0,0 +1,11 @@
+package builtin.aws.ecs.aws0193
+
+test_detects_when_disabled {
+	r := deny with input as {"aws": {"ecs": {"clusters": [{"settings": {"containerinsightsenabled": {"value": false}}}]}}}
+	count(r) == 1
+}
+
+test_when_enabled {
+	r := deny with input as {"aws": {"ecs": {"clusters": [{"settings": {"containerinsightsenabled": {"value": true}}}]}}}
+	count(r) == 0
+}