agent: |
BXzgQWqZlphs6v2WeM2ZEvaluate all AWS CloudTrail configurations and verify SSE-KMS encryption
Evaluate all AWS CloudTrail configurations and verify SSE-KMS encryption
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.
This script evaluates AWS CloudTrail configurations to verify if SSE-KMS encryption is enabled and tabulates the compliance results.
inputs
outputs
import boto3
import json
# Initialize AWS CloudTrail client
aws_access_key_id = getEnvVar('AWS_ACCESS_KEY_ID')
aws_secret_access_key = getEnvVar('AWS_SECRET_ACCESS_KEY')
client = boto3.client('cloudtrail',
region_name=region_name,
aws_access_key_id=aws_access_key_id,
aws_secret_access_key=aws_secret_access_key)
# Fetch all trails
response = client.describe_trails()
trails = response.get('trailList', [])
# Evaluate each trail for SSE-KMS encryption
compliance_results = []
for trail in trails:
trail_name = trail.get('Name', 'Unknown')
kms_key_id = trail.get('KmsKeyId')
if kms_key_id:
compliance_results.append({'TrailName': trail_name, 'Compliance': 'COMPLIANT'})
else:
compliance_results.append({'TrailName': trail_name, 'Compliance': 'NON_COMPLIANT'})
# Tabulate the results
table = context.newtable()
table.num_rows = len(compliance_results) + 1 # +1 for header
table.num_cols = 2
table.title = "CloudTrail SSE-KMS Compliance"
table.has_header_row = True
table.setval(0, 0, "Trail Name")
table.setval(0, 1, "Compliance")
for i, result in enumerate(compliance_results, start=1):
table.setval(i, 0, result['TrailName'])
table.setval(i, 1, result['Compliance'])
print("Compliance results tabulated successfully.")
copied