Security Hub の Finding を取得
これは何
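Security Hub で特定 Severity 以上の Finding を取得する(コードの既定値は ComplianceStatus が FAILED かつ Severity が CRITICAL のもののみ。HIGH 以下も対象にする場合は、コメントアウトしてある行を有効にする)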
コード
import time

import boto3
# Shared Security Hub client. Credentials and region come from the default
# boto3 configuration chain; the calling identity only needs read access
# (securityhub:GetFindings) for the code in this file.
securityhub = boto3.client(service_name='securityhub')
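def get_findings():
    """Return every Security Hub finding that matches the hard-coded filters.

    Pages through ``GetFindings`` with ``NextToken`` until the service stops
    returning one, pausing briefly between pages.

    Returns:
        list: the finding dicts from all pages, in the order the API
        returned them.
    """
    # Different filter attributes are ANDed; values listed under the same
    # attribute are ORed. As written this selects failed compliance checks
    # with CRITICAL severity only - uncomment the lines below to widen it.
    # NOTE(review): no RecordState / WorkflowStatus filter is set, so archived
    # or suppressed findings that match are returned as well - confirm that
    # is intended before using the count for reporting.
    filters = {
        'ComplianceStatus': [
            {'Value': 'FAILED', 'Comparison': 'EQUALS'},
        ],
        'SeverityLabel': [
            {'Value': 'CRITICAL', 'Comparison': 'EQUALS'},
            # {'Value': 'HIGH', 'Comparison': 'EQUALS'},
            # {'Value': 'MEDIUM', 'Comparison': 'EQUALS'},
            # {'Value': 'LOW', 'Comparison': 'EQUALS'},
        ],
    }

    findings = []
    token = None
    while True:
        options = {'Filters': filters}
        if token is not None:
            options['NextToken'] = token

        resp = securityhub.get_findings(**options)
        findings.extend(resp['Findings'])

        # A missing (or empty) NextToken means this was the last page.
        token = resp.get('NextToken')
        if not token:
            break

        # Small pause between pages to stay clear of API throttling. This
        # relies on the file-level ``import time``, which the original
        # snippet lacked (NameError as soon as a second page was needed).
        time.sleep(0.2)

    return findings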
def main():
    """Fetch the matching findings and print their count, then each finding."""
    results = get_findings()
    print(f'count: {len(results)}')
    # Each finding is printed in full; the raw dicts carry account and
    # resource identifiers, so treat the output as sensitive.
    for finding in results:
        print(finding)