def lambda_handler()

in lambda/enrich-sec-hub-finding.py [0:0]


def lambda_handler(event, context):
    """Attach an enrichment note to the EC2 findings carried by ``event``.

    Walks ``event['detail']['findings']``. For every finding whose first
    resource has type ``AwsEc2Instance``, the note text is produced by
    ``enrichEc2Type`` and posted with ``postEnrichmentNote``. Findings of
    any other resource type are logged and otherwise left untouched.

    Args:
        event: Invocation payload. Must contain ``detail.findings``; each
            finding must carry ``Id`` and a non-empty ``Resources`` list
            whose first entry has a ``Type``.
        context: Lambda context object; not used here.

    Returns:
        A dict with ``statusCode`` 200 and a JSON-encoded body string.

    Raises:
        KeyError, IndexError: If a finding lacks one of the fields above.
            Nothing is caught, so the error aborts the invocation and the
            remaining findings in the batch are not processed.
    """
    # Defaults for the "unsupported resource type" case. As written they are
    # never posted: the only postEnrichmentNote call sits inside the EC2
    # branch, after both values have been overwritten.
    # NOTE(review): confirm that skipping the note for other types is intended.
    note_text = "This Resource Type not supported for enrichment"
    note_author = "SecHubEnrich - General"
    finding_id = ""

    # NOTE(review): the whole payload, every finding included, goes to the
    # function's log output; confirm that log retention and read access are
    # appropriate for that data.
    logger.info(event)

    for finding in event['detail']['findings']:
        finding_id = finding["Id"]
        logger.info("Finding ID: " + finding_id)

        # Only the first entry of Resources is examined; a finding that lists
        # an EC2 instance in a later position is treated as unsupported.
        resource_type = finding["Resources"][0]["Type"]
        logger.info("Resource Type is: " + resource_type)

        if resource_type != "AwsEc2Instance":
            continue

        note_author = "SecHubEnrich - EC2 Tags"
        note_text = enrichEc2Type(finding)
        postEnrichmentNote(note_author, note_text, finding_id)

    response = {
        'statusCode': 200,
        'body': json.dumps('function complete'),
    }
    return response