def enrichEc2Type()

in lambda/enrich-sec-hub-finding.py [0:0]

• 15 lines of code
• 7 McCabe index (conditional complexity)

def enrichEc2Type(Ec2Finding):
    # this function takes a sechub finding event known to have the resource 
    # type of EC2 instance, describes all tags and returns the tags formatted to post
    
    #clear enrichment text
    localText = ""
    
    ec2client = boto3.client('ec2')
    
    #extract instance ID from the sec hub finding event
    id_arn = Ec2Finding["Resources"][0]['Id']
    instance_id = id_arn.split("/")[1]

    #describe instances
    instance_info = ec2client.describe_instances(InstanceIds=[instance_id])
    
    #loop and append the values and keys of all tags into the Enrichment Text              
    for res in instance_info['Reservations']:
        for ins in res['Instances']:
            for tags in ins['Tags']:
                localText = localText + "[" + tags["Key"]
                localText = localText + "]: "
                localText = localText + tags["Value"]
                localText = localText + " ,"
    
    logger.debug("Tag enrichment complete: " + localText)
    
    return localText