29 lines
740 B
Python
29 lines
740 B
Python
from models import RuleCheckResult
|
|
import boto3
|
|
|
|
|
|
client = boto3.client("securityhub")
|
|
|
|
sts_client = boto3.client("sts")
|
|
|
|
|
|
def securityhub_enabled():
|
|
compliant_resources = []
|
|
non_compliant_resources = []
|
|
aws_account_id = sts_client.get_caller_identity()["Account"]
|
|
|
|
try:
|
|
hub = client.describe_hub()
|
|
compliant_resources.append(aws_account_id)
|
|
except Exception as e:
|
|
if e.__class__.__name__ == "InvalidAccessException":
|
|
non_compliant_resources.append(aws_account_id)
|
|
else:
|
|
raise e
|
|
|
|
return RuleCheckResult(
|
|
passed=not non_compliant_resources,
|
|
compliant_resources=compliant_resources,
|
|
non_compliant_resources=non_compliant_resources,
|
|
)
|