Tell the compliance status for AWS account, such as where there is no multi-region CloudTrail or where CloudTrail excludes management events (e.g., AWS KMS, Amazon RDS Data API) and flag them as NON_COMPLIANT.
Checks AWS CloudTrail compliance for multi-region and management events inclusion, flags non-compliance.
import json
import os

import boto3

# Initialize boto3 client for CloudTrail; credentials are read from the
# environment (falling back to boto3's default credential chain when unset)
client = boto3.client(
    'cloudtrail',
    aws_access_key_id=os.environ.get('AWS_ACCESS_KEY_ID'),
    aws_secret_access_key=os.environ.get('AWS_SECRET_ACCESS_KEY'),
    region_name='us-east-2'
)

# Fetch all CloudTrails (shadow trails are included, so multi-region trails
# homed in another region are listed too)
response = client.describe_trails()
trails = response.get('trailList', [])

compliance_status = {}
for trail in trails:
    trail_name = trail.get('Name')
    is_multi_region = trail.get('IsMultiRegionTrail', False)

    # describe_trails does not report management-event settings; they live in
    # the trail's event selectors (trails using AdvancedEventSelectors return
    # those instead and are not inspected here)
    selectors = client.get_event_selectors(TrailName=trail['TrailARN'])
    includes_management = False
    excluded_sources = []
    for selector in selectors.get('EventSelectors', []):
        if selector.get('IncludeManagementEvents', False):
            includes_management = True
            excluded_sources.extend(selector.get('ExcludeManagementEventSources', []))

    # Check compliance: the trail must be multi-region, must log management
    # events, and must not exclude sources such as kms.amazonaws.com or
    # rdsdata.amazonaws.com
    if not is_multi_region or not includes_management or excluded_sources:
        compliance_status[trail_name] = 'NON_COMPLIANT'
    else:
        compliance_status[trail_name] = 'COMPLIANT'

# An account with no trail at all has no multi-region trail either
if not trails:
    compliance_status['ACCOUNT'] = 'NON_COMPLIANT'

# Print the compliance status
print(json.dumps(compliance_status, indent=4, default=str))
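The evaluation logic behind the check above, split out from the AWS calls so it can be run and tested offline. This is an added example, not code from the original automation: it takes the shapes returned by describe_trails and get_event_selectors, covers both basic EventSelectors and AdvancedEventSelectors (where an exclusion of KMS or RDS Data API shows up as a NotEquals on eventSource), and reports why a trail failed. The sample trails and ARNs are constructed, and the account-level rule (the account passes only if at least one trail is fully compliant) is an assumption.

```python
import json

# Constructed sample data (not from any real account): what describe_trails
# and get_event_selectors would return for three trails.
SAMPLE_TRAILS = [
    {"Name": "org-trail",
     "TrailARN": "arn:aws:cloudtrail:us-east-1:111111111111:trail/org-trail",
     "IsMultiRegionTrail": True},
    {"Name": "regional-only",
     "TrailARN": "arn:aws:cloudtrail:us-east-2:111111111111:trail/regional-only",
     "IsMultiRegionTrail": False},
    {"Name": "mgmt-minus-kms",
     "TrailARN": "arn:aws:cloudtrail:us-east-1:111111111111:trail/mgmt-minus-kms",
     "IsMultiRegionTrail": True},
]
SAMPLE_SELECTORS = {
    SAMPLE_TRAILS[0]["TrailARN"]: {"EventSelectors": [
        {"ReadWriteType": "All", "IncludeManagementEvents": True,
         "ExcludeManagementEventSources": []}]},
    SAMPLE_TRAILS[1]["TrailARN"]: {"EventSelectors": [
        {"ReadWriteType": "All", "IncludeManagementEvents": True}]},
    # Advanced selectors express a source exclusion as NotEquals on eventSource
    SAMPLE_TRAILS[2]["TrailARN"]: {"AdvancedEventSelectors": [
        {"Name": "Management minus KMS and RDS Data", "FieldSelectors": [
            {"Field": "eventCategory", "Equals": ["Management"]},
            {"Field": "eventSource",
             "NotEquals": ["kms.amazonaws.com", "rdsdata.amazonaws.com"]}]}]},
}


def management_event_coverage(selectors):
    """Return (includes_management, excluded_sources) for one
    get_event_selectors response, handling both selector styles."""
    includes = False
    excluded = set()
    for sel in selectors.get("EventSelectors", []):
        if sel.get("IncludeManagementEvents", False):
            includes = True
            excluded.update(sel.get("ExcludeManagementEventSources", []))
    for sel in selectors.get("AdvancedEventSelectors", []):
        fields = {f.get("Field"): f for f in sel.get("FieldSelectors", [])}
        if "Management" in fields.get("eventCategory", {}).get("Equals", []):
            includes = True
            excluded.update(fields.get("eventSource", {}).get("NotEquals", []))
    return includes, sorted(excluded)


def evaluate_trail(trail, selectors):
    """Verdict for one trail: multi-region, logging management events,
    and not excluding any management-event source."""
    reasons = []
    if not trail.get("IsMultiRegionTrail", False):
        reasons.append("trail is not multi-region")
    includes, excluded = management_event_coverage(selectors)
    if not includes:
        reasons.append("management events are not logged")
    elif excluded:
        reasons.append("management events excluded for: " + ", ".join(excluded))
    return {"Name": trail.get("Name"),
            "Status": "NON_COMPLIANT" if reasons else "COMPLIANT",
            "Reasons": reasons}


def evaluate_account(trails, selectors_by_arn):
    """Account verdict. Assumption: the account is COMPLIANT only if at least
    one trail is fully compliant, so an account with no trails fails."""
    results = [evaluate_trail(t, selectors_by_arn.get(t.get("TrailARN"), {}))
               for t in trails]
    account_ok = any(r["Status"] == "COMPLIANT" for r in results)
    return {"Account": "COMPLIANT" if account_ok else "NON_COMPLIANT",
            "Trails": results}


def demo():
    return evaluate_account(SAMPLE_TRAILS, SAMPLE_SELECTORS)


if __name__ == "__main__":
    print(json.dumps(demo(), indent=4))
```

Feeding real describe_trails and get_event_selectors responses into evaluate_account gives the same per-trail reasons, which is what an auditor wants next to the bare NON_COMPLIANT flag.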