From b78e4ad6a16036216dc44d504bcb2c24dfe86696 Mon Sep 17 00:00:00 2001
From: Sergio Garcia <38561120+sergargar@users.noreply.github.com>
Date: Fri, 6 May 2022 13:46:53 +0200
Subject: [PATCH] fix(allowlist_db): Improve DynamoDB regex for allowlisting. (#1127)

---
 include/allowlist | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/include/allowlist b/include/allowlist
index 3441589e..340ef695 100644
--- a/include/allowlist
+++ b/include/allowlist
@@ -16,7 +16,7 @@ allowlist(){
 if grep -q -E "^s3://([^/]+)/(.*?([^/]+))$" <<< "${ALLOWLIST_FILE}"; then
 allowlist_S3
 # Check if the file is a DynamoDB ARN
- elif grep -q -E "^arn:aws:dynamodb:\w+(?:-\w+)+:\d{12}:table\/[-._A-Za-z0-9]+$" <<< "${ALLOWLIST_FILE}"; then
+ elif grep -q -E "^arn:[aws\|aws\-cn\|aws\-us\-gov]+:dynamodb:[a-z]{2}-[north\|south\|east\|west\|central]+-[1-9]{1}:[0-9]{12}:table\/[a-zA-Z0-9._-]+$" <<< "${ALLOWLIST_FILE}"; then
 allowlist_DynamoDB
 else
 # Check if the file is a DynamoDB ARN
@@ -79,4 +79,4 @@ allowlist_Textfile() {
 EXITCODE=1
 exit ${EXITCODE}
 fi
-}
\ No newline at end of file
+}
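Review bot: The new pattern on the `+ elif grep -q -E` line uses square brackets where alternation was intended, so `[aws\|aws\-cn\|aws\-us\-gov]+` and `[north\|south\|east\|west\|central]+` are ERE bracket expressions: each matches one or more of the listed characters (including `\` and `|`, and in POSIX ERE `\-c` inside a bracket is a range from `\` to `c`), not the words `aws`, `aws-cn`, `north` and so on. The practical effect is that the partition and region fields accept almost any string of those letters, so an `ALLOWLIST_FILE` value that is not a valid DynamoDB ARN can still be routed to `allowlist_DynamoDB` instead of the text-file branch, while a proper alternation would also need to admit compound regions such as `ap-southeast-1` and `us-gov-west-1`, which the intended word list would reject. I would replace the pattern with `"^arn:(aws|aws-cn|aws-us-gov):dynamodb:[a-z]{2}(-gov)?-[a-z]+-[1-9]:[0-9]{12}:table/[a-zA-Z0-9._-]+$"`, keeping the rest of the line unchanged, and add a test input for a wrong partition and for a compound region. The enclosing `allowlist()` function starts and ends outside this hunk.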