in security_hub_correlation_cdk/lambdas/create_sh_finding/create_sh_finding.py [0:0]
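def create_securityhub_payload(dynamodb_match):
    """Build an ASFF finding payload from a correlation match and submit it.

    Args:
        dynamodb_match: Mapping describing the correlated record. The function
            reads ``dynamodb_match['Items'][0]`` (the source finding fields),
            ``dynamodb_match['SH_Title']`` and ``dynamodb_match['SourceUrlList']``.

    Returns:
        The payload dict that was handed to ``create_securityhub_finding``.
        Previously nothing was returned; callers that ignore the result are
        unaffected, and tests can now inspect what was submitted.

    Raises:
        ValueError: if ``dynamodb_match['Items']`` is empty.
        KeyError: if a required field is missing from the match.
    """
    logger.info('Creating Security Hub finding payload...')

    items = dynamodb_match['Items']
    if not items:
        raise ValueError("dynamodb_match['Items'] is empty; nothing to report")
    item = items[0]
    region = item['Region']
    account_id = item['AwsAccountId']

    # MD5 is used only as a stable, deterministic identifier derived from the
    # finding attributes, not for any security property. Keep both the
    # algorithm and the json.dumps() input unchanged: Security Hub treats the
    # resulting Id as the finding's identity, so a different digest would
    # create new findings instead of updating the existing ones.
    detector_id = hashlib.md5(json.dumps(item['Types']).encode()).hexdigest()
    finding_id = hashlib.md5(json.dumps(item['ResourceId']).encode()).hexdigest()

    # ARNs shared by GeneratorId / Id / ProductArn / Note.UpdatedBy, built once.
    arn_prefix = 'arn:aws:securityhub:' + region + ':' + account_id
    detector_arn = arn_prefix + ':detector/' + detector_id
    product_arn = arn_prefix + ':product/' + account_id + '/default'

    # Note.Text carries the comma-joined list of correlated source URLs.
    source_url_string = ",".join(str(element) for element in dynamodb_match['SourceUrlList'])

    sh_payload = {
        "SchemaVersion": item['SchemaVersion'],
        "Title": dynamodb_match['SH_Title'],
        "AwsAccountId": account_id,
        "CreatedAt": item['CreatedAt'],
        "UpdatedAt": item['UpdatedAt'],
        "Description": item['Description'],
        "SourceUrl": item['SourceUrl'],
        "FindingProviderFields": {
            "Severity": {
                # Label is fixed to CRITICAL for every correlated finding while the
                # source severity is kept in "Original". NOTE(review): confirm this
                # blanket escalation is intended rather than mapping from Original.
                "Label": "CRITICAL",
                "Original": item['Severity']
            },
            # NOTE(review): Types is wrapped in a list here but hashed as-is
            # above; if item['Types'] is already a list this nests it — confirm.
            "Types": [item['Types']]
        },
        "GeneratorId": detector_arn,
        "Id": detector_arn + '/finding/' + finding_id,
        "ProductArn": product_arn,
        "Resources": [{
            'Type': 'AwsEc2Instance',
            'Region': region,
            'Id': item['ResourceId']
        }],
        "Note": {
            "Text": source_url_string,
            "UpdatedBy": product_arn,
            "UpdatedAt": item['UpdatedAt']
        }
    }
    create_securityhub_finding(sh_payload)
    return sh_payload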