UPD: Added comments and cloudtrail encruption now only scan for current region

2024-12-30 11:52:47 +08:00
parent 2594fd7b2b
commit 2a0da86de0
1 changed files with 11 additions and 7 deletions
@@ -50,6 +50,8 @@ def printResult(content: list, header: str):
    return
 print("Script started. It may take 7+ minutes to run. Please be patient...")
 mdFile = MdUtils(file_name='AwsReviewReport.md', title='Aws Review ' + str(date.today()))
 sts = boto3.client("sts")
 aid = sts.get_caller_identity().get("Account")
@@ -388,19 +390,21 @@ for r in regions:
            outTable.append([r, aid, i.get("name")])
 printResult(outTable, "Region, AccountID, PrivateApiName")
 """Check cloudtrail for encryption"""
 printTitle(1, "Cloudtrail service review")
 printTitle(2, "[Security] Cloudtrail not encrypted")
 printTitle(3, "Consider enabling encryption for cloudtrail")
 outTable = []
-for r in regions:
+#for r in regions:
-    client = boto3.client('cloudtrail', region_name=r)
+client = boto3.client('cloudtrail')
-    response = client.describe_trails()
+response = client.describe_trails()
-    for i in response.get("trailList"):
+for i in response.get("trailList"):
    if i.get("KmsKeyId") is None:
-            outTable.append([r, aid, i.get("Name")])
+        outTable.append([aid, i.get("TrailARN")])
-printResult(outTable, "Region, AccountID, Trail")
+printResult(outTable, "AccountID, Trail")
 """Check cloudtrail for multi-region logging"""
 printTitle(2, "[Security] Multi-Region cloudtrail not enabled")
 printTitle(3, "Consider enabling Multi-Region for at least 1 cloudtrail")
 outTable = []