Name		Name	Last commit message	Last commit date
Latest commit History 1 Commit
.gitignore		.gitignore
README.md		README.md
main.tf		main.tf
sample_report.html		sample_report.html
terraform.tfvars.example		terraform.tfvars.example
test.sh		test.sh

Repository files navigation

Google Storage Signed URLS - VPC Service Controls Testing

This project testing for Google Cloud Platform's VPC Service Controls (VPC-SC) using Terraform and Bash scripting.

TL;DR: It works as expected!

You can see a sample report in the sample_report.html file.

What's Being Tested

This suite checks:

Pre-VPC-SC tests:
- Can we access stuff with a regular signed URL? (Should work)
- A signed URL with a custom header? (Should also work)
- Missing the custom header? (Should fail!)
- gsutil access (Should be fine)
- Using gcloud storage ls (Should work)
- Making sure the content type is what we expect (text/plain in this case)

Sleep for 30 seconds to allow the VPC-SC lockdown to take effect.

Post-VPC-SC lockdown (which should all be blocked):
- Trying that pre-VPC-SC signed URL again
- The custom header URL from before
- A fresh post-VPC-SC signed URL with the right header
- Same URL without the header
- gsutil access
- gcloud listing
- Checking the content type again

Prerequisites

Terraform 1.0+
Google Cloud SDK
Bash shell

Setup

Clone this repository
Set up your GCP credentials
Update terraform.tfvars with your project-specific information

Usage

To run the full test suite:

./test.sh

About

No description, website, or topics provided.

Report repository

Releases

No releases published

Packages

No packages published

Languages