Skip to content

Commit

Permalink
Add destination bucket validation
Browse files Browse the repository at this point in the history
  • Loading branch information
AlexRuiz7 committed Apr 18, 2024
1 parent eb081b3 commit 7996e02
Show file tree
Hide file tree
Showing 2 changed files with 14 additions and 5 deletions.
18 changes: 13 additions & 5 deletions integrations/amazon-security-lake/src/lambda_function.py
Original file line number Diff line number Diff line change
Expand Up @@ -8,13 +8,15 @@
from botocore.exceptions import ClientError
import wazuh_ocsf_converter

no_dst_bucket_msg="Destination bucket not set. Please, set the AWS_BUCKET environment variable with the name of the Amazon Security Lake dedicated S3 bucket."

# Initialize boto3 client outside the handler
s3_client = boto3.client(
service_name='s3',
aws_access_key_id=os.environ['AWS_ACCESS_KEY_ID'],
aws_secret_access_key=os.environ['AWS_SECRET_ACCESS_KEY'],
region_name=os.environ['AWS_DEFAULT_REGION'],
endpoint_url='http://s3.ninja:9000',
aws_access_key_id=os.environ.get('AWS_ACCESS_KEY_ID'),
aws_secret_access_key=os.environ.get('AWS_SECRET_ACCESS_KEY'),
region_name=os.environ.get('AWS_DEFAULT_REGION'),
endpoint_url=os.environ.get('AWS_ENDPOINT'),
)

def get_events(bucket: str, key: str) -> list:
Expand Down Expand Up @@ -56,10 +58,16 @@ def lambda_handler(event, context):
# Extract bucket and key from S3 event
src_bucket = event['Records'][0]['s3']['bucket']['name']
key = urllib.parse.unquote_plus(event['Records'][0]['s3']['object']['key'], encoding='utf-8')
dst_bucket = os.environ['AWS_BUCKET']
dst_bucket = os.environ.get('AWS_BUCKET')
logging.info(f"Lambda function invoked due to {key}.")
logging.info(f"Source bucket name is {src_bucket}. Destination bucket is {dst_bucket}.")

if not dst_bucket:
logging.error(no_dst_bucket_msg)
return {
'success': False
}

# Read events from source S3 bucket
raw_events = get_events(src_bucket, key)

Expand Down
1 change: 1 addition & 0 deletions integrations/docker/amazon-security-lake.yml
Original file line number Diff line number Diff line change
Expand Up @@ -118,6 +118,7 @@ services:
AWS_SECRET_ACCESS_KEY: "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
AWS_DEFAULT_REGION: "us-east-1"
AWS_BUCKET: "wazuh-indexer-amazon-security-lake-bucket"
AWS_ENDPOINT: "http://s3.ninja:9000"
volumes:
- ../amazon-security-lake/src:/var/task
ports:
Expand Down

0 comments on commit 7996e02

Please sign in to comment.