in aws-auditmanager-conformancepack/lambda/CustomAuditManagerFramework_Lambda.py [0:0]
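def lambda_handler(event, context):
    """Handle a CloudFormation custom-resource request that builds the framework.

    For any request type other than ``Delete`` the handler reads the CSV
    mapping file named by the ``S3Bucket`` / ``MappingFile`` environment
    variables, turns every row into an Audit Manager control set (cells equal
    to ``'none'`` are skipped), creates the assessment framework and stores
    its id in the SSM parameter ``CustomConfigConformancePackFrameworkID``.

    ``Delete`` requests are acknowledged with SUCCESS without removing
    anything, so the framework and the SSM parameter outlive the stack.

    Args:
        event: CloudFormation custom-resource request; ``RequestType`` is
            read here, the rest is consumed by ``cfnsend``.
        context: Lambda context object, passed through to ``cfnsend``.

    Returns:
        ``'SUCCESS'`` when the request was handled, ``'FAILED'`` when an
        error was caught and reported back to CloudFormation.
    """
    print("boto3 version: " + boto3.__version__)
    responseData = {}

    try:
        # ResponseURL is a pre-signed S3 URL: whoever can read it can answer
        # this request on the function's behalf, so keep it out of the logs.
        loggable_event = {key: value for key, value in event.items()
                          if key != 'ResponseURL'}
        logger.info('EVENT Received: {}'.format(loggable_event))

        # Delete is acknowledged but not acted upon.
        if event['RequestType'] == 'Delete':
            logger.info('Request Type is Delete; unsupported')
            cfnsend(event, context, 'SUCCESS', responseData)
            return 'SUCCESS'

        auditmanager = boto3.client('auditmanager')
        ssm = boto3.client('ssm')
        s3 = boto3.client('s3')
        S3Bucket = os.environ['S3Bucket']
        MappingFile = os.environ['MappingFile']

        # One control set per CSV row; 'none' marks an unused cell.
        controlSets_List = []
        data = s3.get_object(Bucket=S3Bucket, Key=MappingFile)
        for row in csv.DictReader(codecs.getreader("utf-8")(data["Body"])):
            controlslist = [value for value in row.values() if value != 'none']
            controlSets_List.append(create_custom_auditmanager_controlset(controlslist))

        # NOTE(review): Create and Update take the same path, so an Update
        # calls create_assessment_framework again with the same name --
        # confirm how Audit Manager treats the duplicate.
        response_framework = auditmanager.create_assessment_framework(
            name='Config Conformance Pack Custom Framework',
            controlSets=controlSets_List)

        # Publish the framework id through SSM Parameter Store.
        frameworkid = response_framework['framework']['id']
        ssm.put_parameter(Name='CustomConfigConformancePackFrameworkID', Type='String',
                          Value=frameworkid, Overwrite=True)
        print('frameworkId is ' + frameworkid)
    except Exception:
        # Without a response CloudFormation waits for the custom-resource
        # timeout before failing the stack, so always report the failure.
        # Assumes cfnsend forwards the status string unchanged -- TODO confirm.
        logger.exception('Custom Audit Manager framework setup failed')
        cfnsend(event, context, 'FAILED', responseData)
        return 'FAILED'

    cfnsend(event, context, 'SUCCESS', responseData)
    return 'SUCCESS'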