# Core python packages
import logging
# 3rd party packages - see requirements.txt
import boto3
import botocore.exceptions
# src python
from utils import *
# Create custom assessment framework in Audit Manager
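def create_custom_framework(
    custom_report_name: str = None,
    description: str = None,
    complianceType: str = None,
    control_sets: list = None,
    region_name=None,
) -> dict:
    """
    Create or update a custom assessment framework in Audit Manager.

    Existing custom frameworks are matched on exact name. When a match is
    found the framework is updated in place, replacing its description,
    compliance type and control sets; otherwise a new framework is created.
    Because the match is by name only, running this against an account that
    already holds a framework with the same name overwrites that framework.

    Args:
        custom_report_name (str): Name of the custom framework, also used as
            the lookup key for an existing framework.
        description (str, optional): Passed through as ``description``.
        complianceType (str, optional): Passed through as ``complianceType``.
        control_sets (list): Passed through as ``controlSets``; a list of
            ``{"name": ..., "controls": [{"id": ...}]}`` dicts.
        region_name (str, optional): Region for the boto3 client. ``None``
            lets boto3 resolve the region from its own configuration.

    Raises:
        botocore.exceptions.ClientError: Propagated unchanged from the list,
            update or create call.

    Returns:
        dict: The raw response of ``update_assessment_framework`` or
        ``create_assessment_framework``.
    """
    auditmanager_client = boto3.client('auditmanager', region_name=region_name)

    # The listing is paginated. Every page has to be searched, otherwise a
    # framework that sits on a later page is missed and a second framework
    # with the same name is created instead of the existing one being updated.
    page = auditmanager_client.list_assessment_frameworks(
        frameworkType="Custom")
    while True:
        for existing in page["frameworkMetadataList"]:
            if existing["name"] == custom_report_name:
                response = auditmanager_client.update_assessment_framework(
                    frameworkId=existing["id"],
                    name=custom_report_name,
                    description=description,
                    complianceType=complianceType,
                    controlSets=control_sets
                )
                logging.debug(response)
                return response

        next_token = page.get("nextToken")
        if not next_token:
            break
        page = auditmanager_client.list_assessment_frameworks(
            frameworkType="Custom",
            nextToken=next_token
        )

    # No framework with this name exists on any page: create a new one.
    response = auditmanager_client.create_assessment_framework(
        name=custom_report_name,
        description=description,
        complianceType=complianceType,
        controlSets=control_sets
    )
    logging.debug(response)
    return response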
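def list_controls(controlType: str = None, region_name=None) -> dict:
    """
    Return every Audit Manager control of one type, merged across all pages.

    Args:
        controlType (str, optional): Control type to list. ``None`` (the
            default) lists ``"Custom"`` controls.
        region_name (str, optional): Region for the boto3 client. ``None``
            lets boto3 resolve the region from its own configuration.

    Raises:
        botocore.exceptions.ClientError: Propagated unchanged from
            ``list_controls``.

    Returns:
        dict: The first page's response, with the entries of all later pages
        appended to its ``controlMetadataList``. Any ``nextToken`` key the
        first page carried is still present in the dict and is stale.
    """
    auditmanager_client = boto3.client('auditmanager', region_name=region_name)

    # Honour the caller's type; previously the argument was accepted but the
    # request was always made with "Custom".
    control_type = controlType or "Custom"

    existing_controls = auditmanager_client.list_controls(
        controlType=control_type)
    next_token = existing_controls.get('nextToken')

    while next_token is not None:
        page = auditmanager_client.list_controls(
            controlType=control_type,
            nextToken=next_token
        )
        existing_controls["controlMetadataList"].extend(
            page["controlMetadataList"])
        # A page without a token is the last one.
        next_token = page.get("nextToken")

    logging.debug(existing_controls)
    return existing_controls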
# Create custom controls in Audit Manager
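def create_custom_controls(input=None, controls=None, region_name=None):
    """
    Create or update the custom controls described by ``input``.

    ``input`` maps a control-set name to a mapping of control definitions.
    Each definition must provide ``name``, ``description``,
    ``testingInformation``, ``actionPlanTitle``, ``actionPlanInstructions``
    and ``controlMappingSources``.

    Existing custom controls are matched on exact name. A match is
    overwritten through ``update_control``, so the change is presumably
    visible to every framework that references that control; review the
    names in ``input`` before running this against a shared account. The
    existing-control list is fetched once, so controls created during this
    call are not matched against later definitions.

    Args:
        input (dict): Control-set definitions as described above. Required
            despite the ``None`` default. The ``keywordValue`` of each
            ``sourceKeyword`` is upper-cased in place in the caller's data.
        controls: Unused; kept for interface compatibility.
        region_name (str, optional): Region for the boto3 client. ``None``
            lets boto3 resolve the region from its own configuration.

    Raises:
        botocore.exceptions.ClientError: Propagated unchanged from the list,
            update or create call.
        KeyError: If a definition lacks one of the required keys.

    Returns:
        list: One ``{"name": <control set>, "controls": [{"id": ...}, ...]}``
        dict per control set, in input order.
    """
    auditmanager_client = boto3.client('auditmanager', region_name=region_name)

    # Index existing controls by name once instead of rescanning the list for
    # every control. setdefault keeps the first entry for a duplicated name,
    # which is the entry a linear scan with an early break would have picked.
    existing_controls = list_controls(region_name=region_name)
    existing_by_name = {}
    for existing in existing_controls["controlMetadataList"]:
        existing_by_name.setdefault(existing["name"], existing)

    control_sets = []
    for control_set in input:
        definitions = input[control_set]
        control_ids = []

        for control in definitions:
            definition = definitions[control]

            # Fields shared by create_control and update_control.
            control_fields = {
                "name": definition["name"],
                "description": definition["description"],
                "testingInformation": definition["testingInformation"],
                "actionPlanTitle": definition["actionPlanTitle"],
                "actionPlanInstructions": definition["actionPlanInstructions"],
                "controlMappingSources": _uppercase_source_keywords(
                    definition["controlMappingSources"]),
            }

            existing = existing_by_name.get(definition["name"])
            if existing is not None:
                # Same name already present: overwrite that control.
                response = auditmanager_client.update_control(
                    controlId=existing["id"],
                    **control_fields
                )
            else:
                response = auditmanager_client.create_control(**control_fields)

            control_ids.append({"id": response["control"]["id"]})

        # Shape expected for the framework's controlSets argument.
        control_sets.append({"name": control_set, "controls": control_ids})

    return control_sets


def _uppercase_source_keywords(mapping_sources):
    """Return the sources as a list, upper-casing each keywordValue in place."""
    normalised = []
    for data_source in mapping_sources:
        if "sourceKeyword" in data_source:
            source_keyword = data_source["sourceKeyword"]
            # upper() is a no-op on a value that is already upper case.
            source_keyword["keywordValue"] = (
                source_keyword["keywordValue"].upper())
        normalised.append(data_source)
    return normalised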