| agent: |
KpQR7wFwvSv0Qnh8K8rPAWS Account Compliance Status Evaluation
AWS Account Compliance Status Evaluation
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.
This workflow involves assessing the compliance status of an AWS account by examining the configuration of CloudTrail. It specifically checks for the presence of multi-region CloudTrail and ensures that management events, such as those related to AWS KMS and Amazon RDS Data API, are not excluded. Any accounts that do not meet these criteria are flagged as NON_COMPLIANT. This process helps maintain security and operational standards by ensuring comprehensive logging and monitoring across AWS services.
inputs
outputs
- 1xi17xf1D5bY6tEGazevpTell the compliance status for AWS account, such as where there is no multi-region CloudTrail or where CloudTrail excludes management events (e.g., AWS KMS, Amazon RDS Data API) and flag them as NON_COMPLIANT.
1
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.Checks AWS CloudTrail compliance for multi-region and management events inclusion, flags non-compliance.
inputsoutputsimport boto3 import json # Initialize boto3 client for CloudTrail client = boto3.client( 'cloudtrail', aws_access_key_id=getEnvVar('AWS_ACCESS_KEY_ID'), aws_secret_access_key=getEnvVar('AWS_SECRET_ACCESS_KEY'), region_name='us-east-2' ) # Fetch all CloudTrails response = client.describe_trails() trails = response.get('trailList', []) compliance_status = {} for trail in trails: trail_name = trail.get('Name') is_multi_region = trail.get('IsMultiRegionTrail', False) management_events = trail.get('IncludeManagementEvents', True) # Check compliance if not is_multi_region or not management_events: compliance_status[trail_name] = 'NON_COMPLIANT' else: compliance_status[trail_name] = 'COMPLIANT' # Print the compliance status print(json.dumps(compliance_status, indent=4, default=str))copied1