Update cloudtrail-logs-not-encrypted.yaml

2024-05-10 09:50:23 +05:30 · 2024-05-10 09:50:23 +05:30 · f2fa65385e
parent a02dcf61d2
commit f2fa65385e
1 changed files with 11 additions and 4 deletions
--- a/cloud/aws/cloudtrail/cloudtrail-logs-not-encrypted.yaml
+++ b/cloud/aws/cloudtrail/cloudtrail-logs-not-encrypted.yaml
@ -20,6 +20,7 @@ flow: |
  code(1)
  for(let CloudTrail of iterate(template.cloudtrailname)){
    set("trail", CloudTrail)
+    set("region", CloudTrail.trailregion)
    code(2)
  }

@ -29,14 +30,20 @@ code:
      - sh
      - bash
    source: |
-      aws cloudtrail list-trails --region $region --query 'Trails[*].Name' --output json
+      aws cloudtrail list-trails --region $region --query 'Trails[*].[Name, HomeRegion]' --output json

    extractors:
      - type: json
        name: cloudtrailname
        internal: true
        json:
-          - '.[]'
+          - '.[] | .[0]'
+
+      - type: json
+        name: trailregion
+        internal: true
+        json:
+          - '.[] | .[1]'

  - engine:
      - sh
@ -52,5 +59,5 @@ code:
    extractors:
      - type: dsl
        dsl:
-          - '"CloudTrail trail" + trail + " is not configured to encrypt log files using SSE-KMS encryption"'
-# digest: 490a004630440220615ff60f92dc1540ae499c543e657c18d430e7b6b08291befb395d465b0dfa280220748efe3b2771beb250f0c50040e94c8c0a9a37f60fcb6c88bbe9ff55b5362fa1:922c64590222798bb761d5b6d8e72950
+          - '"CloudTrail trail " + trail + " is not configured to encrypt log files using SSE-KMS encryption"'
+# digest: 490a004630440220615ff60f92dc1540ae499c543e657c18d430e7b6b08291befb395d465b0dfa280220748efe3b2771beb250f0c50040e94c8c0a9a37f60fcb6c88bbe9ff55b5362fa1:922c64590222798bb761d5b6d8e72950