agent: |
Evaluate all AWS CloudTrail configurations to verify that log file validation is enabled; return NON_COMPLIANT if any trail does not have log file validation enabled.
This script evaluates AWS CloudTrail configurations to verify log file validation and prints the compliance results.
import json
import os

import boto3

# Initialize the AWS CloudTrail client with credentials read from the environment
client = boto3.client(
    'cloudtrail',
    aws_access_key_id=os.environ['AWS_ACCESS_KEY_ID'],
    aws_secret_access_key=os.environ['AWS_SECRET_ACCESS_KEY'],
    region_name='us-east-2',
)

# Fetch all trails visible from this region
response = client.describe_trails()
trails = response.get('trailList', [])

# Initialize compliance results
compliance_results = []

# Check each trail for log file validation
for trail in trails:
    trail_name = trail.get('Name')
    log_file_validation_enabled = trail.get('LogFileValidationEnabled', False)
    compliance_status = 'COMPLIANT' if log_file_validation_enabled else 'NON_COMPLIANT'
    compliance_results.append((trail_name, compliance_status))

# Print compliance results
print(json.dumps(compliance_results, indent=4))
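An added example, not part of the original page or the platform's own code: the script above reports a status per trail, while the prompt asks for a single NON_COMPLIANT verdict if any trail fails. The function below aggregates `describe_trails` results from several regions into one verdict and counts a multi-region trail once by its ARN; the function names, the sample trails and account ID, and the `NOT_APPLICABLE` result for an account with no trails are assumptions made for illustration.

```python
import json


def evaluate_log_file_validation(trail_lists):
    """Aggregate describe_trails() 'trailList' entries from several regions.

    Returns (overall_status, {trail_key: status}).
    """
    per_trail = {}
    for trail_list in trail_lists:
        for trail in trail_list:
            # A multi-region trail is listed as a shadow trail in other regions;
            # key on the ARN so it is evaluated once.
            key = trail.get('TrailARN') or trail.get('Name')
            # Only an explicit True counts; a missing or null field fails closed.
            ok = trail.get('LogFileValidationEnabled') is True
            if per_trail.get(key) != 'NON_COMPLIANT':
                per_trail[key] = 'COMPLIANT' if ok else 'NON_COMPLIANT'
    if not per_trail:
        overall = 'NOT_APPLICABLE'  # assumption: no trails means nothing to evaluate
    elif 'NON_COMPLIANT' in per_trail.values():
        overall = 'NON_COMPLIANT'
    else:
        overall = 'COMPLIANT'
    return overall, per_trail


def fetch_trail_lists(regions):
    """Live collection: one describe_trails call per region (needs boto3 and credentials)."""
    import boto3  # lazy import so the evaluation logic runs offline
    return [boto3.client('cloudtrail', region_name=r).describe_trails().get('trailList', [])
            for r in regions]


# Constructed sample data shaped like describe_trails()['trailList']; not real trails.
ARN = 'arn:aws:cloudtrail:us-east-2:111122223333:trail/'
ORG = {'Name': 'org-trail', 'TrailARN': ARN + 'org-trail', 'IsMultiRegionTrail': True,
       'HomeRegion': 'us-east-2', 'LogFileValidationEnabled': True}
LEGACY = {'Name': 'legacy', 'TrailARN': ARN + 'legacy', 'IsMultiRegionTrail': False,
          'HomeRegion': 'us-east-2', 'LogFileValidationEnabled': False}
SAMPLE = [[ORG, LEGACY],   # as seen from us-east-2
          [dict(ORG)]]     # us-west-2 lists the same multi-region trail again

if __name__ == '__main__':
    overall, per_trail = evaluate_log_file_validation(SAMPLE)
    print(json.dumps({'overall': overall, 'trails': per_trail}, indent=4))
```

Against a live account, pass the output of `fetch_trail_lists([...])` with the regions in use instead of `SAMPLE`.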