What Changed
The AWS CloudTrail Azure Function connector now properly handles unsupported file types by initializing the extracted_file variable and adding explicit error logging for unrecognized file extensions.
Security Impact (Visibility & Fidelity)
Prior to this fix, the CloudTrail ingestion function would crash with a NameError when encountering files with unsupported extensions (anything other than .csv.gz, .json.gz, or .json). This crash would terminate the ingestion process for that execution cycle, creating potential blind spots in CloudTrail audit log visibility.
The fix ensures the function continues processing other files in the S3 bucket even when encountering unsupported formats, maintaining continuous audit log ingestion and preventing data loss from function crashes.
Affected Files
DataConnectors/AWS-CloudTrail-AzureFunction/AzFunAWSCloudTrailLogsIngestion/__init__.py
(packaging artefacts: AzFunAWSCloudTrailLogsIngestion.zip)