Check shared_account_ids against current Account ID

panther-labs · Dec 13, 2023 · 58b0ad8 · 58b0ad8
1 parent 5a3ff46
commit 58b0ad8
Showing 1 changed file with 1 addition and 4 deletions.
diff --git a/rules/aws_cloudtrail_rules/aws_rds_snapshot_shared.py b/rules/aws_cloudtrail_rules/aws_rds_snapshot_shared.py
@@ -1,8 +1,5 @@
 from panther_base_helpers import aws_rule_context
 
-# Account IDs exempted from this rule
-ALLOWED_ACCOUNTS = {}
-
 
 def rule(event):
     if all(
@@ -18,7 +15,7 @@ def rule(event):
             return any(
                 account_id
                 for account_id in shared_account_ids
-                if account_id not in ALLOWED_ACCOUNTS
+                if account_id != event.deep_get("userIdentity", "accountId", default="")
             )
         return False
     return False