Evaluate all AWS CloudTrail configurations to verify that log file validation is enabled; return NON_COMPLIANT if any trail does not have log file validation enabled. Tabulate the results.

import boto3 import json # Initialize AWS CloudTrail client client = boto3.client('cloudtrail', aws_access_key_id=getEnvVar('AWS_ACCESS_KEY_ID'), aws_secret_access_key=getEnvVar('AWS_SECRET_ACCESS_KEY'), region_name='us-east-2') # Fetch all trails response = client.describe_trails() trails = response.get('trailList', []) # Initialize compliance results compliance_results = [] # Check each trail for log file validation for trail in trails: trail_name = trail.get('Name') log_file_validation_enabled = trail.get('LogFileValidationEnabled', False) compliance_status = 'COMPLIANT' if log_file_validation_enabled else 'NON_COMPLIANT' compliance_results.append((trail_name, compliance_status)) # Print compliance results print(json.dumps(compliance_results, indent=4))

table = context.newtable() table.num_rows = len(compliance_results) + 1 # Adding 1 for the header row table.num_cols = 2 table.title = "AWS CloudTrail Log File Validation Compliance" table.has_header_row = True table.setval(0, 0, "Trail Name") table.setval(0, 1, "Compliance Status") for i, result in enumerate(compliance_results, start=1): table.setval(i, 0, result[0]) table.setval(i, 1, result[1]) print("Tabulation of AWS CloudTrail log file validation compliance results completed successfully.")