def rule(event):
    if all(
        [
            event.deep_get("targetResources", "type", default="") == "Service Principal",
            event.deep_get("properties", "message", default="")
            in ["Add member to role", "Add eligible member to role", "Add scoped member to role"],
        ]
    ):
        return True
    return False
