I am trying to pull data from AWS GuardDuty from an AWS account. I am running into to issues where the account will connect but not gather any findings and post to my threatdetection.html page. I have the access_key, secret_key, and DETECTOR_ID all previously defined earlier in the file.
@app.route('/threatdetection')
@login_required
def guardduty_alerts():
client = boto3.client('guardduty', aws_access_key_id=session['access_key'],
aws_secret_access_key=session['secret_key'], region_name='us-east-1'
try:
list_findings_response = client.list_findings(DetectorId=DETECTOR_ID)
finding_ids = list_findings_response['FindingIds']
if finding_ids:
findings_response = client.get_findings(DetectorId=DETECTOR_ID,
FindingIds=finding_ids)
findings = findings_response['Findings']
else:
findings = []
return render_template('threatdetection.html', findings=findings)
except botocore.exceptions.ClientError as e:
print("Error getting findings:", e)
return render_template('threatdetection.html', findings=[])