agent:

Evaluate all AWS CloudTrail configurations to verify that log file validation is enabled; return NON_COMPLIANT if any trail does not have log file validation enabled.

This script evaluates AWS CloudTrail configurations to verify log file validation and prints the compliance results.

```python
import boto3
import json

# Initialize AWS CloudTrail client.
# getEnvVar is not defined in this script; it is assumed to be a helper
# supplied by the platform that runs it.
client = boto3.client(
    'cloudtrail',
    aws_access_key_id=getEnvVar('AWS_ACCESS_KEY_ID'),
    aws_secret_access_key=getEnvVar('AWS_SECRET_ACCESS_KEY'),
    region_name='us-east-2',
)

# Fetch all trails
response = client.describe_trails()
trails = response.get('trailList', [])

# Initialize compliance results
compliance_results = []

# Check each trail for log file validation
for trail in trails:
    trail_name = trail.get('Name')
    log_file_validation_enabled = trail.get('LogFileValidationEnabled', False)
    compliance_status = 'COMPLIANT' if log_file_validation_enabled else 'NON_COMPLIANT'
    compliance_results.append((trail_name, compliance_status))

# Print compliance results
print(json.dumps(compliance_results, indent=4))
```
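The task statement asks for a single NON_COMPLIANT verdict if any trail lacks log file validation, while the script above only prints per-trail results. The following is an added example, not part of the original page, that rolls the per-trail checks into one verdict. The function names, the sample trails and the `NOT_APPLICABLE` result for an account with no trails are assumptions made for illustration.

```python
import json

def evaluate_trails(trail_list):
    """Roll a describe_trails()['trailList'] payload into one overall verdict."""
    seen, results = set(), []
    for trail in trail_list:
        # A multi-region trail is also listed as a shadow trail in other
        # regions; key on TrailARN so each trail is judged only once.
        key = trail.get("TrailARN") or trail.get("Name")
        if key in seen:
            continue
        seen.add(key)
        # A missing or non-boolean flag is treated as "not enabled".
        enabled = trail.get("LogFileValidationEnabled") is True
        results.append({
            "trail": trail.get("Name"),
            "home_region": trail.get("HomeRegion"),
            "status": "COMPLIANT" if enabled else "NON_COMPLIANT",
        })
    offenders = [r["trail"] for r in results if r["status"] == "NON_COMPLIANT"]
    if not results:
        overall = "NOT_APPLICABLE"  # assumption: nothing to evaluate
    else:
        overall = "NON_COMPLIANT" if offenders else "COMPLIANT"
    return {"overall": overall, "offenders": offenders, "trails": results}

def fetch_trails(region_name="us-east-2"):
    """Live lookup using boto3's default credential chain (hypothetical helper)."""
    import boto3  # imported here so the evaluation logic runs offline
    client = boto3.client("cloudtrail", region_name=region_name)
    return client.describe_trails(includeShadowTrails=True).get("trailList", [])

# Constructed sample data (not real account output).
_ARN = "arn:aws:cloudtrail:us-east-2:111122223333:trail/"
SAMPLE_TRAILS = [
    {"Name": "org-trail", "TrailARN": _ARN + "org-trail",
     "HomeRegion": "us-east-2", "LogFileValidationEnabled": True},
    {"Name": "org-trail", "TrailARN": _ARN + "org-trail",  # shadow duplicate
     "HomeRegion": "us-east-2", "LogFileValidationEnabled": True},
    {"Name": "legacy-trail", "TrailARN": _ARN + "legacy-trail",
     "HomeRegion": "us-east-2", "LogFileValidationEnabled": False},
    {"Name": "no-flag-trail", "TrailARN": _ARN + "no-flag-trail",
     "HomeRegion": "us-east-2"},  # flag absent from the record
]

if __name__ == "__main__":
    print(json.dumps(evaluate_trails(SAMPLE_TRAILS), indent=4))
```

Pass `fetch_trails()` to `evaluate_trails()` to run the same check against a live account.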