in aws-auditmanager-securityhub/lambda/CustomAuditManagerFramework_Lambda.py [0:0]
def create_custom_auditmanager_control(controls, controltype):
    """Create one custom Audit Manager control backed by Security Hub checks.

    Each entry of ``controls`` becomes one control mapping source of type
    ``AWS_Security_Hub`` whose keyword value is that entry. All mapping
    sources are attached to a single control named
    ``Custom<controltype>SecurityHubControl``.

    Args:
        controls: Iterable of Security Hub check keywords, one per mapping
            source. Values are forwarded to the API as given.
        controltype: String placed in the middle of the control name.

    Returns:
        The ``id`` field of the control returned by ``create_control``.
    """
    # No region or credentials are passed, so the client uses whatever the
    # runtime provides (presumably the Lambda execution role, which then needs
    # permission for auditmanager:CreateControl; confirm it is scoped to that).
    am_client = boto3.client('auditmanager')

    # One mapping source per requested check. Only the keyword value differs;
    # name, description, set-up option and source type are shared.
    # NOTE(review): keyword values are not validated here. A misspelled or
    # unknown keyword would presumably yield a control that collects no
    # evidence for that check, so consider checking against a known list.
    mapping_sources = [
        {
            'sourceName': 'Custom Security Hub Control Source',
            'sourceDescription': 'Security Hub checks',
            'sourceSetUpOption': 'System_Controls_Mapping',
            'sourceType': 'AWS_Security_Hub',
            'sourceKeyword': {
                'keywordInputType': 'SELECT_FROM_LIST',
                'keywordValue': check_keyword,
            },
        }
        for check_keyword in controls
    ]

    # NOTE(review): an empty ``controls`` sends an empty list to the API, and
    # any error raised by create_control propagates to the caller unhandled.
    control_name = 'Custom' + controltype + 'SecurityHubControl'
    created = am_client.create_control(
        name=control_name,
        controlMappingSources=mapping_sources,
    )
    return created['control']['id']