def lambda_handler()

in lookout_alarm/detect.py [0:0]


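def lambda_handler(event, context):
    """Publish a Lookout for Metrics alert as a finding in AWS Security Hub.

    Builds one finding from the alert payload and submits it with
    ``securityHub.batch_import_findings``. The finding is attributed to the
    module-level ``accountId`` and to the region in the ``AWS_REGION``
    environment variable.

    Args:
        event: Alert payload. The keys read here are ``alertName``,
            ``alertDescription``, ``anomalyScore``, ``anomalyDetectorArn``
            and ``alertEventId``.
        context: Lambda context object; not used.

    Raises:
        KeyError: If a required event key or ``AWS_REGION`` is missing.
        ValueError: If ``alertEventId`` contains no ``/``.
        RuntimeError: If Security Hub reports that the finding was not
            imported.
    """
    region = os.environ['AWS_REGION']

    # Timezone-aware UTC timestamp, used for both CreatedAt and UpdatedAt.
    # datetime.now(timezone.utc) replaces the deprecated utcnow().replace(...)
    # and yields the same isoformat() string.
    timestamp = datetime.datetime.now(datetime.timezone.utc).isoformat()

    # A random UUID is the finding Id, so every invocation creates a new
    # finding, even for a repeated alert.
    finding_id = str(uuid.uuid4())

    # Keep the trailing "/<id>" segment of the alert event id for the console
    # link; rindex raises ValueError when there is no '/'.
    alert_event_id = event['alertEventId']
    anomaly_suffix = alert_event_id[alert_event_id.rindex('/'):]

    # NOTE(review): Title, Description and the remediation Url are built from
    # event fields without validation or length limits. Confirm the payload
    # only ever comes from the Lookout for Metrics alert, or validate it here;
    # a value Security Hub rejects ends up as a failed import.
    # NOTE(review): the 'aws' partition is hard-coded in ProductArn and
    # Resources, so this presumably targets the standard partition only.
    finding = {
        'SchemaVersion': '2018-10-08',
        'Id': finding_id,
        'ProductArn': "arn:aws:securityhub:" + region + ":" + accountId + ":product/" + accountId + "/default",
        'AwsAccountId': accountId,
        'GeneratorId': 'LookoutForMetrics',
        'Types': ['AWS WAF Anomaly'],
        'CreatedAt': timestamp,
        'UpdatedAt': timestamp,
        'Severity': {
            'Product': 1,
            'Normalized': 10
        },
        'Title': event['alertName'],
        'Description': 'Anomaly detected [' + event['alertDescription'] + '] with a score of ' + str(event['anomalyScore']),
        'ProductFields': {'Product Name': 'AWS WAF/Lookout For Metrics'},
        'Resources': [{
            'Type': 'Account',
            'Id': accountId,
            'Partition': 'aws',
            'Region': region,
        }],
        'Remediation': {
            'Recommendation': {
                'Text': 'Navigate in Lookout for Metrics to see more information on this anomaly',
                'Url': 'https://' + region + '.console.aws.amazon.com/lookoutmetrics/home#' + event['anomalyDetectorArn'] + '/anomalies/anomaly' + anomaly_suffix
            }
        },
        'RecordState': 'ACTIVE'
    }

    # Submit the finding to Security Hub.
    result = securityHub.batch_import_findings(Findings=[finding])

    # Print the raw response so it lands in the function's log output.
    print(result)

    # batch_import_findings reports rejected findings in the response rather
    # than raising. Fail the invocation so a dropped alert is visible instead
    # of being lost silently.
    if result.get('FailedCount', 0):
        raise RuntimeError(
            'Security Hub rejected the finding: '
            + str(result.get('FailedFindings'))
        )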