IAM Access Denied Responder/generate-security-messages/index.py [89:108]:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
          cloudtrailEvent['sourceIPAddress'], # ip
          cloudtrailEvent['userAgent'] # useragent
        )

        if 'APIKey' in os.environ and os.environ['APIKey']:
            ip_geo_data = getIPGeoDetails(sourceIPAddress)
            country = ip_geo_data['location']['country'] if 'location' in ip_geo_data else 'N/A'
            region = ip_geo_data['location']['region'] if 'location' in ip_geo_data else 'N/A'
            city = ip_geo_data['location']['city'] if 'location' in ip_geo_data else 'N/A'
            ip_whois_data = getIPWhoisDetails(sourceIPAddress)
            owner = ip_whois_data['WhoisRecord']['registrant']['organization'] if 'WhoisRecord' in ip_whois_data else 'N/A'
            history +='This IP is located in {0}, {1}, {2} and is owned by {3}\n'.format(city, region, country, owner)
        len_events += 1
        if len_events >= 5:
          break
    client = boto3.client('sns')
    client.publish(
        TopicArn=os.environ['TopicTarget'],
        Message=json.dumps({'TextMessage': history}),
    )
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -



IAM Access Denied Responder/generate-security-messages/index.py [141:160]:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                              cloudtrailEvent['sourceIPAddress'], # ip
                              cloudtrailEvent['userAgent'] # useragent
                            )
        if 'APIKey' in os.environ and os.environ['APIKey']:
            ip_geo_data = getIPGeoDetails(sourceIPAddress)
            country = ip_geo_data['location']['country'] if 'location' in ip_geo_data else 'N/A'
            region = ip_geo_data['location']['region'] if 'location' in ip_geo_data else 'N/A'
            city = ip_geo_data['location']['city'] if 'location' in ip_geo_data else 'N/A'
            ip_whois_data = getIPWhoisDetails(sourceIPAddress)
            owner = ip_whois_data['WhoisRecord']['registrant']['organization'] if 'WhoisRecord' in ip_whois_data else 'N/A'
            history +='This IP is located in {0}, {1}, {2} and is owned by {3}\n'.format(city, region, country, owner)

        len_events += 1
        if len_events >= 5:
          break
    client = boto3.client('sns')
    client.publish(
        TopicArn=os.environ['TopicTarget'],
        Message=json.dumps({'TextMessage': history}),
    )
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -