Get tags from iam identity


    yemisprojects

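    def get_resource_tag(event):
      """
      Build the tag list for a resource from the IAM identity in a CloudTrail event.

      Reads event["detail"]["userIdentity"] and handles two identity types:
      "IAMUser" (tagged CreatedByUser) and "AssumedRole" (tagged CreatedByRole,
      with the role name taken from the identity ARN). Both also get a
      DateCreated tag from detail.eventTime, followed by whatever
      get_iam_identity_tags returns for that user or role.

      Args:
        event: CloudTrail event as a dict; the record is read from its "detail" key.

      Returns:
        A list of {"Key": ..., "Value": ...} dicts. The list is empty when the
        event carries no usable userIdentity or the identity type is not one
        of the two handled here.

      A ClientError raised by the IAM tag lookup is logged and swallowed, so the
      caller still receives the CreatedBy*/DateCreated tags.
      """
      resource_tags = []
      # A malformed or partial event must not crash the tagger with
      # AttributeError on None; fall back to empty dicts and return no tags.
      detail = (event or {}).get("detail") or {}
      user_id = detail.get("userIdentity") or {}
      identity_type = user_id.get("type")

      # NOTE(review): the CreatedBy* values are attribution metadata copied from
      # the event. Treat them as audit hints, not as an access-control input,
      # unless tag writes on the target resources are restricted elsewhere.
      if identity_type == "IAMUser" and user_id.get("userName"):
        user_name = user_id.get("userName")
        resource_tags.append({"Key": "CreatedByUser", "Value": user_name})
        resource_tags.append({"Key": "DateCreated", "Value": detail.get("eventTime")})
        log.debug(f"IAM user tags parsed from Cloudtrail event: {resource_tags}")
        try:
          resource_tags.extend(get_iam_identity_tags(user_name=user_name))
        except ClientError as error:
          log.exception(error)

      elif identity_type == "AssumedRole" and user_id.get("arn"):
        # An assumed-role ARN ends in ".../<role-name>/<session-name>". The
        # session name is chosen by the caller of AssumeRole, so only the
        # second-to-last segment is used for attribution.
        arn_parts = user_id.get("arn").split("/")
        if len(arn_parts) < 3:
          # Without both trailing segments, [-2] would raise IndexError or
          # yield the ARN prefix instead of a role name.
          log.warning("AssumedRole identity ARN has an unexpected format; no role tags added")
          return resource_tags
        role_name = arn_parts[-2]
        resource_tags.append({"Key": "CreatedByRole", "Value": role_name})
        resource_tags.append({"Key": "DateCreated", "Value": detail.get("eventTime")})
        log.debug(f"IAM Role tags parsed from Cloudtrail event: {resource_tags}")
        try:
          resource_tags.extend(get_iam_identity_tags(role_name=role_name))
        except ClientError as error:
          log.exception(error)

      # The original built the list but never returned it, so callers got None.
      return resource_tags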