Evaluate all AWS CloudTrail configurations to verify that log file validation is enabled; return NON_COMPLIANT if any trail does not have log file validation enabled.

import boto3 import json # Initialize AWS CloudTrail client client = boto3.client('cloudtrail', aws_access_key_id=getEnvVar('AWS_ACCESS_KEY_ID'), aws_secret_access_key=getEnvVar('AWS_SECRET_ACCESS_KEY'), region_name='us-east-2') # Fetch all trails response = client.describe_trails() trails = response.get('trailList', []) # Initialize compliance results compliance_results = [] # Check each trail for log file validation for trail in trails: trail_name = trail.get('Name') log_file_validation_enabled = trail.get('LogFileValidationEnabled', False) compliance_status = 'COMPLIANT' if log_file_validation_enabled else 'NON_COMPLIANT' compliance_results.append((trail_name, compliance_status)) # Print compliance results print(json.dumps(compliance_results, indent=4))