adding kb ingestion encryption check rule

Author: cyphronix

aws_sra_examples/solutions/genai/bedrock_org/lambda/rules/sra_bedrock_check_kb_ingestion_encryption/app.py

@@ -0,0 +1,108 @@
+"""Config rule to check knowledge base data ingestion encryption for Bedrock environments.
+
+Version: 1.0
+
+Config rule for SRA in the repo, https://github.com/aws-samples/aws-security-reference-architecture-examples
+
+Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+SPDX-License-Identifier: MIT-0
+"""
+import json
+import logging
+import os
+from typing import Any
+
+import boto3
+from botocore.exceptions import ClientError
+
+# Setup Default Logger
+LOGGER = logging.getLogger(__name__)
+log_level = os.environ.get("LOG_LEVEL", logging.INFO)
+LOGGER.setLevel(log_level)
+LOGGER.info(f"boto3 version: {boto3.__version__}")
+
+# Get AWS region from environment variable
+AWS_REGION = os.environ.get("AWS_REGION")
+
+# Initialize AWS clients
+bedrock_agent_client = boto3.client("bedrock-agent", region_name=AWS_REGION)
+config_client = boto3.client("config", region_name=AWS_REGION)
+
+def evaluate_compliance(rule_parameters: dict) -> tuple[str, str]:
+    """Evaluate if Bedrock Knowledge Base data sources are encrypted with KMS.
+
+    Args:
+        rule_parameters (dict): Rule parameters from AWS Config rule.
+
+    Returns:
+        tuple[str, str]: Compliance type and annotation message.
+    """
+    try:
+        # List all knowledge bases
+        non_compliant_kbs = []
+        paginator = bedrock_agent_client.get_paginator("list_knowledge_bases")
+        
+        for page in paginator.paginate():
+            for kb in page["knowledgeBaseSummaries"]:
+                kb_id = kb["knowledgeBaseId"]
+                kb_name = kb.get("name", kb_id)
+                
+                # Get data sources for each knowledge base
+                try:
+                    data_sources = bedrock_agent_client.list_data_sources(
+                        knowledgeBaseId=kb_id
+                    )
+                    
+                    # Check if any data source is not encrypted
+                    unencrypted_sources = []
+                    for source in data_sources.get("dataSourceSummaries", []):
+                        if not source.get("serverSideEncryptionConfiguration", {}).get("kmsKeyArn"):
+                            unencrypted_sources.append(source.get("name", source["dataSourceId"]))
+                    
+                    if unencrypted_sources:
+                        non_compliant_kbs.append(f"{kb_name} (unencrypted sources: {', '.join(unencrypted_sources)})")
+                
+                except ClientError as e:
+                    LOGGER.error(f"Error checking data sources for knowledge base {kb_name}: {str(e)}")
+                    if e.response["Error"]["Code"] == "AccessDeniedException":
+                        non_compliant_kbs.append(f"{kb_name} (access denied)")
+                    else:
+                        raise
+
+        if non_compliant_kbs:
+            return "NON_COMPLIANT", f"The following knowledge bases have unencrypted data sources: {'; '.join(non_compliant_kbs)}"
+        return "COMPLIANT", "All knowledge base data sources are encrypted with KMS"
+
+    except Exception as e:
+        LOGGER.error(f"Error evaluating Bedrock Knowledge Base encryption: {str(e)}")
+        return "ERROR", f"Error evaluating compliance: {str(e)}"
+
+def lambda_handler(event: dict, context: Any) -> None:  # noqa: U100
+    """Lambda handler.
+
+    Args:
+        event (dict): Lambda event object
+        context (Any): Lambda context object
+    """
+    LOGGER.info("Evaluating compliance for AWS Config rule")
+    LOGGER.info(f"Event: {json.dumps(event)}")
+
+    invoking_event = json.loads(event["invokingEvent"])
+    rule_parameters = json.loads(event["ruleParameters"]) if "ruleParameters" in event else {}
+
+    compliance_type, annotation = evaluate_compliance(rule_parameters)
+
+    evaluation = {
+        "ComplianceResourceType": "AWS::::Account",
+        "ComplianceResourceId": event["accountId"],
+        "ComplianceType": compliance_type,
+        "Annotation": annotation,
+        "OrderingTimestamp": invoking_event["notificationCreationTime"],
+    }
+
+    LOGGER.info(f"Compliance evaluation result: {compliance_type}")
+    LOGGER.info(f"Annotation: {annotation}")
+
+    config_client.put_evaluations(Evaluations=[evaluation], ResultToken=event["resultToken"])  # type: ignore
+
+    LOGGER.info("Compliance evaluation complete.") 

aws_sra_examples/solutions/genai/bedrock_org/lambda/src/app.py

@@ -202,6 +202,8 @@ def load_sra_cloudwatch_dashboard() -> dict:
     + r'\[((?:"[0-9]+"(?:\s*,\s*)?)*)\],\s*"regions"\s*:\s*\[((?:"[a-z0-9-]+"(?:\s*,\s*)?)*)\]\}$',
     "SRA-BEDROCK-CHECK-KB-LOGGING": r'^\{"deploy"\s*:\s*"(true|false)",\s*"accounts"\s*:\s*\[((?:"[0-9]+"(?:\s*,\s*)?)*)\],\s*"regions"\s*:\s*'
     + r'\[((?:"[a-z0-9-]+"(?:\s*,\s*)?)*)\],\s*"input_params"\s*:\s*(\{\})\}$',
+    "SRA-BEDROCK-CHECK-KB-INGESTION-ENCRYPTION": r'^\{"deploy"\s*:\s*"(true|false)",\s*"accounts"\s*:\s*\[((?:"[0-9]+"(?:\s*,\s*)?)*)\],\s*"regions"\s*:\s*'
+    + r'\[((?:"[a-z0-9-]+"(?:\s*,\s*)?)*)\],\s*"input_params"\s*:\s*(\{\})\}$',
 }
 
 # Instantiate sra class objects

aws_sra_examples/solutions/genai/bedrock_org/lambda/src/sra_config_lambda_iam_permissions.json

@@ -137,5 +137,21 @@
         "Resource": "*"
       }
     ]
+  },
+  "sra-bedrock-check-kb-ingestion-encryption": {
+    "Version": "2012-10-17",
+    "Statement": [
+      {
+        "Sid": "AllowKnowledgeBaseAccess",
+        "Effect": "Allow",
+        "Action": [
+          "bedrock:ListKnowledgeBases",
+          "bedrock:GetKnowledgeBase",
+          "bedrock:ListDataSources",
+          "bedrock:GetDataSource"
+        ],
+        "Resource": "*"
+      }
+    ]
   }
 }

aws_sra_examples/solutions/genai/bedrock_org/templates/sra-bedrock-org-main.yaml

@@ -292,6 +292,17 @@ Parameters:
       Example: {\"deploy\": \"true\", \"accounts\": [\"123456789012\"], \"regions\": [\"us-east-1\"], \"input_params\": {}} or
       {\"deploy\": \"false\", \"accounts\": [], \"regions\": [], \"input_params\": {}}"
 
+  pBedrockKBIngestionEncryptionRuleParams:
+    Type: String
+    Default: '{"deploy": "true", "accounts": ["444455556666"], "regions": ["us-west-2"], "input_params": {}}'
+    Description: Bedrock Knowledge Base Data Ingestion Encryption Config Rule Parameters
+    AllowedPattern: ^\{"deploy"\s*:\s*"(true|false)",\s*"accounts"\s*:\s*\[((?:"[0-9]+"(?:\s*,\s*)?)*)\],\s*"regions"\s*:\s*\[((?:"[a-z0-9-]+"(?:\s*,\s*)?)*)\],\s*"input_params"\s*:\s*(\{\})\}$
+    ConstraintDescription: 
+      "Must be a valid JSON string containing: 'deploy' (true/false), 'accounts' (array of account numbers), 
+      'regions' (array of region names), and 'input_params' object/dict (input params must be empty). Arrays can be empty. 
+      Example: {\"deploy\": \"true\", \"accounts\": [\"123456789012\"], \"regions\": [\"us-east-1\"], \"input_params\": {}} or
+      {\"deploy\": \"false\", \"accounts\": [], \"regions\": [], \"input_params\": {}}"
+
 Metadata:
   AWS::CloudFormation::Interface:
     ParameterGroups:
@@ -333,6 +344,7 @@ Metadata:
           - pBedrockS3EndpointsRuleParams
           - pBedrockGuardrailEncryptionRuleParams
           - pBedrockKBLoggingRuleParams
+          - pBedrockKBIngestionEncryptionRuleParams
       - Label:
           default: Bedrock CloudWatch Metric Filters
         Parameters:
@@ -402,6 +414,8 @@ Metadata:
         default: Bedrock Regions
       pBedrockKBLoggingRuleParams:
         default: Bedrock Knowledge Base Logging Config Rule Parameters
+      pBedrockKBIngestionEncryptionRuleParams:
+        default: Bedrock Knowledge Base Data Ingestion Encryption Config Rule Parameters
 
 Resources:
   rBedrockOrgLambdaRole:
@@ -683,6 +697,7 @@ Resources:
       SRA-BEDROCK-FILTER-SENSITIVE-INFO: !Ref pBedrockSensitiveInfoFilterParams
       SRA-BEDROCK-CENTRAL-OBSERVABILITY: !Ref pBedrockCentralObservabilityParams
       SRA-BEDROCK-CHECK-KB-LOGGING: !Ref pBedrockKBLoggingRuleParams
+      SRA-BEDROCK-CHECK-KB-INGESTION-ENCRYPTION: !Ref pBedrockKBIngestionEncryptionRuleParams
 
   rBedrockOrgLambdaInvokePermission:
     Type: AWS::Lambda::Permission