Whitelist violations based on their metadata

[harti2006]

In order to create more complex whitelisting rules, it should be possible to consider the metadata of violations.

[harti2006]

Example use case:

• catch cross-account roles that are needed for the account setup

[harti2006]

Idea: Consider using https://github.com/json-path/JsonPath as a matching engine to find matching parts.