pmh_only/bp-check
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add feature : Security Hub bp check

Browse Source
This commit is contained in:
Juwon 2024-08-12 13:06:13 +09:00 committed by skyuecx0630
parent 858aab4eac
commit 14973510db
1 changed files with 19 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
services/security_hub.py
View File

@ -2,10 +2,27 @@ from models import RuleCheckResult
import boto3 import boto3
# client = boto3.client("") client = boto3.client("securityhub")
sts_client = boto3.client("sts")
def securityhub_enabled(): def securityhub_enabled():
compliant_resources = []
non_compliant_resources = []
aws_account_id = sts_client.get_caller_identity()["Account"]
try:
hub = client.describe_hub()
compliant_resources.append(aws_account_id)
except Exception as e:
if e.__class__.__name__ == "InvalidAccessException":
non_compliant_resources.append(aws_account_id)
else:
raise e
return RuleCheckResult( return RuleCheckResult(
passed=False, compliant_resources=[], non_compliant_resources=[] passed=not non_compliant_resources,
compliant_resources=compliant_resources,
non_compliant_resources=non_compliant_resources,
) )