def create_report_batch_job_handler(event, context):
    """Handler: register the security check report creation batch job.

    The check history id is read from ``event`` through ``eventhelper`` and
    is also used as the logging trace id. ``context`` is not used.

    Returns:
        Whatever ``awssecuritychecks_logic.create_report_batch_job`` returns.
    """
    # One value serves as both the trace id and the check history id; the
    # local names are kept because the frame is handed to the logger below.
    trace_id = check_history_id = eventhelper.get_check_history_id_batch(event)
    common_utils.begin_cw_logger(trace_id, __name__, inspect.currentframe())

    # Register the security check report creation job.
    result = awssecuritychecks_logic.create_report_batch_job(
        trace_id,
        check_history_id,
    )
    return result
def execute_securitycheck_aggregate_handler(event, context):
    """Handler: aggregate the security check results for one check run.

    The check history id is read from ``event`` through ``eventhelper`` and
    is also used as the logging trace id. ``context`` is not used.

    Returns:
        Whatever ``awssecuritychecks_logic.execute_securitycheck_aggregate``
        returns.
    """
    # Trace id and check history id are the same value.
    trace_id = check_history_id = eventhelper.get_check_history_id_batch(event)
    common_utils.begin_cw_logger(trace_id, __name__, inspect.currentframe())

    # Aggregate the security check results.
    result = awssecuritychecks_logic.execute_securitycheck_aggregate(
        trace_id,
        check_history_id,
    )
    return result
def get_check_awsaccounts_handler(event, context):
    """Handler: fetch the AWS accounts targeted by a security check run.

    The check history id is read from ``event`` through ``eventhelper`` and
    is also used as the logging trace id. ``context`` is not used.

    Returns:
        Whatever ``awssecuritychecks_logic.get_check_awsaccounts`` returns.
    """
    # Get the required information; the trace id is the check history id.
    trace_id = check_history_id = eventhelper.get_check_history_id_batch(event)
    common_utils.begin_cw_logger(trace_id, __name__, inspect.currentframe())

    # Get the AWS accounts targeted by the security check.
    result = awssecuritychecks_logic.get_check_awsaccounts(
        trace_id,
        check_history_id,
    )
    return result
def execute_send_result_slack_handler(event, context):
    """Handler: send the check result notification to Slack.

    Reads the check history id and the language from ``event`` through
    ``eventhelper``; the check history id is also the logging trace id.
    ``context`` is not used. Nothing is returned explicitly, so the handler
    result is ``None``.
    """
    trace_id = check_history_id = eventhelper.get_check_history_id_batch(event)
    language = eventhelper.get_language_batch(event)
    # This handler uses begin_logger, not begin_cw_logger.
    common_utils.begin_logger(trace_id, __name__, inspect.currentframe())

    # Send the Slack notification. The return value of the logic call is
    # deliberately not propagated (the original did not return it either).
    awschecksBatch_logic.execute_send_result_slack(
        trace_id,
        check_history_id,
        language,
    )
def execute_securitycheck_statemachine_handler(event, context):
    """Handler: start the security check Step Functions from an SNS event.

    The SNS message is extracted from ``event``, decoded as JSON, and the
    check history id is read from the decoded message (not from ``event``
    itself). ``context`` is not used and nothing is returned explicitly.

    Raises:
        ValueError: from ``json.loads`` when the SNS message is not valid
            JSON; it is not caught here.
    """
    # Get the Amazon SNS message and decode it in one step.
    # NOTE(review): the decoded payload is not validated in this handler;
    # confirm that only trusted publishers can post to the topic and that
    # the eventhelper getter copes with a missing check history id.
    message = json.loads(eventhelper.get_message_from_sns(event))

    # Get the required information; the trace id is the check history id.
    trace_id = check_history_id = eventhelper.get_check_history_id_batch(message)
    common_utils.begin_cw_logger(trace_id, __name__, inspect.currentframe())

    # Start the security check Step Functions.
    awssecuritychecks_logic.execute_securitycheck_statemachine(
        trace_id,
        check_history_id,
    )
def check_effective_awsaccount_handler(event, context):
    """Handler: run the AWS account check for one target account.

    All inputs are read from ``event`` through ``eventhelper`` and forwarded
    unchanged to ``awssecuritychecks_logic.check_effective_awsaccount``.
    The check history id is also the logging trace id. ``context`` is not
    used.

    Returns:
        Whatever ``awssecuritychecks_logic.check_effective_awsaccount``
        returns.
    """
    # Get the required information.
    trace_id = check_history_id = eventhelper.get_check_history_id_batch(event)
    coop_id = eventhelper.get_coop_id_batch(event)
    # NOTE(review): role_name and external_id are taken from the event as-is;
    # presumably they drive a cross-account role assumption downstream --
    # confirm the event producer is trusted and the values are validated there.
    role_name = eventhelper.get_role_name(event)
    external_id = eventhelper.get_external_id(event)
    organization_id = eventhelper.get_organization_id_batch(event)
    project_id = eventhelper.get_project_id_batch(event)

    # NOTE(review): the frame is passed to the logger while external_id is
    # already bound as a local; confirm begin_cw_logger uses the frame only
    # for caller metadata and never records frame locals.
    common_utils.begin_cw_logger(trace_id, __name__, inspect.currentframe())

    # Target AWS account (read after the logger is set up, as in the original).
    target_aws_account = eventhelper.get_awsaccount(event)

    # AWS account check.
    result = awssecuritychecks_logic.check_effective_awsaccount(
        trace_id,
        target_aws_account,
        coop_id,
        role_name,
        external_id,
        organization_id,
        project_id,
        check_history_id,
    )
    return result
def execute_asc_check_handler(event, context):
    """Handler: run the ASC security check for one AWS account.

    Every input is read from ``event`` through ``eventhelper`` and passed
    positionally, unchanged, to ``awssecuritychecks_logic.execute_asc_check``.
    The check history id is also the logging trace id. ``context`` is not
    used.

    Returns:
        Whatever ``awssecuritychecks_logic.execute_asc_check`` returns.
    """
    trace_id = check_history_id = eventhelper.get_check_history_id_batch(event)

    # Account being checked.
    aws_account = eventhelper.get_awsaccount(event)
    coop_id = eventhelper.get_coop_id_batch(event)
    aws_account_name = eventhelper.get_awsaccount_name_batch(event)

    # NOTE(review): role_name and external_id come straight from the event;
    # presumably they are used downstream to assume a role in the target
    # account -- confirm the event source is trusted and that they are
    # validated before use.
    role_name = eventhelper.get_role_name(event)
    external_id = eventhelper.get_external_id(event)

    # Organization / project the check belongs to.
    organization_id = eventhelper.get_organization_id_batch(event)
    organization_name = eventhelper.get_organization_name_batch(event)
    project_id = eventhelper.get_project_id_batch(event)
    project_name = eventhelper.get_project_name_batch(event)

    check_result_id = eventhelper.get_check_result_id_batch(event)
    effective_awsaccount = eventhelper.get_effective_awsaccount(event)

    # NOTE(review): all of the locals above, external_id included, are bound
    # when the frame is handed over; confirm the logger does not record
    # frame locals.
    common_utils.begin_cw_logger(trace_id, __name__, inspect.currentframe())

    # Run the ASC security check.
    result = awssecuritychecks_logic.execute_asc_check(
        trace_id,
        aws_account,
        coop_id,
        aws_account_name,
        role_name,
        external_id,
        organization_id,
        organization_name,
        project_id,
        project_name,
        check_history_id,
        check_result_id,
        effective_awsaccount,
    )
    return result
def execute_send_checkerror_email_handler(event, context):
    """Handler: send the check-error notification e-mail from an SNS event.

    The SNS message is extracted from ``event`` and decoded as JSON; every
    field is then read from the decoded message through ``eventhelper``.
    ``context.aws_request_id`` is forwarded to the mail logic. Nothing is
    returned explicitly.

    Raises:
        ValueError: from ``json.loads`` when the SNS message is not valid
            JSON; it is not caught here.
    """
    # NOTE(review): none of the decoded fields are validated in this handler;
    # confirm the mail logic treats data_body and the other fields as
    # untrusted when it builds the message.
    message = json.loads(eventhelper.get_message_from_sns(event))

    aws_account = eventhelper.get_awsaccount(message)
    check_history_id = eventhelper.get_check_history_id_batch(message)
    organization_id = eventhelper.get_organization_id_batch(message)
    project_id = eventhelper.get_project_id_batch(message)
    error_code = eventhelper.get_error_code_batch(message)
    # Here the trace id is the executing user's id, not the check history id.
    # NOTE(review): presumably the trace id ends up in log records; confirm
    # that logging a user identifier this way is acceptable.
    trace_id = execute_user_id = eventhelper.get_execute_user_id_batch(message)
    region_name = eventhelper.get_region_name_batch(message)
    check_code_item = eventhelper.get_check_code_item_batch(message)
    data_body = eventhelper.get_data_body_batch(message)

    common_utils.begin_logger(trace_id, __name__, inspect.currentframe())

    # Send the notification e-mail.
    awschecksBatch_logic.execute_send_checkerror_email(
        trace_id,
        context.aws_request_id,
        aws_account,
        check_history_id,
        organization_id,
        project_id,
        error_code,
        execute_user_id,
        region_name,
        check_code_item,
        data_body,
    )
def execute_ibp_check_handler(event, context):
    """Handler: IBP security check step.

    Reads the check history id from ``event`` for use as the logging trace
    id and sets up the logger. No check logic is invoked in this handler.
    ``context`` is not used.

    Returns:
        The constant mapping ``{"ibp-result": "true"}`` (the value is the
        string ``"true"``, not a boolean).
    """
    trace_id = check_history_id = eventhelper.get_check_history_id_batch(event)
    common_utils.begin_logger(trace_id, __name__, inspect.currentframe())

    # Run the IBP security check.
    # NOTE(review): the result below is fixed and independent of the event;
    # confirm that consumers of "ibp-result" do not read it as evidence that
    # a check was actually performed.
    ibp_outcome = {"ibp-result": "true"}
    return ibp_outcome