Evaluate all AWS CloudTrail configurations and verify SSE-KMS encryption

import boto3 import json # Initialize AWS CloudTrail client aws_access_key_id = getEnvVar('AWS_ACCESS_KEY_ID') aws_secret_access_key = getEnvVar('AWS_SECRET_ACCESS_KEY') client = boto3.client('cloudtrail', region_name=region_name, aws_access_key_id=aws_access_key_id, aws_secret_access_key=aws_secret_access_key) # Fetch all trails response = client.describe_trails() trails = response.get('trailList', []) # Evaluate each trail for SSE-KMS encryption compliance_results = [] for trail in trails: trail_name = trail.get('Name', 'Unknown') kms_key_id = trail.get('KmsKeyId') if kms_key_id: compliance_results.append({'TrailName': trail_name, 'Compliance': 'COMPLIANT'}) else: compliance_results.append({'TrailName': trail_name, 'Compliance': 'NON_COMPLIANT'}) # Tabulate the results table = context.newtable() table.num_rows = len(compliance_results) + 1 # +1 for header table.num_cols = 2 table.title = "CloudTrail SSE-KMS Compliance" table.has_header_row = True table.setval(0, 0, "Trail Name") table.setval(0, 1, "Compliance") for i, result in enumerate(compliance_results, start=1): table.setval(i, 0, result['TrailName']) table.setval(i, 1, result['Compliance']) print("Compliance results tabulated successfully.")