-
Notifications
You must be signed in to change notification settings - Fork 0
/
audit.sh
executable file
·152 lines (131 loc) · 3.28 KB
/
audit.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
#!/bin/bash
set +e
#
# Set Colors
#
bold="\e[1m"
dim="\e[2m"
underline="\e[4m"
blink="\e[5m"
reset="\e[0m"
red="\e[31m"
green="\e[32m"
blue="\e[34m"
#
# Common Output Styles
#
h1() {
printf "\n${bold}${underline}%s${reset}\n" "$(echo "$@" | sed '/./,$!d')"
}
h2() {
printf "\n${bold}%s${reset}\n" "$(echo "$@" | sed '/./,$!d')"
}
info() {
printf "${dim}➜ %s${reset}\n" "$(echo "$@" | sed '/./,$!d')"
}
success() {
printf "${green}✔ %s${reset}\n" "$(echo "$@" | sed '/./,$!d')"
}
error() {
printf "${red}${bold}✖ %s${reset}\n" "$(echo "$@" | sed '/./,$!d')"
}
warnError() {
printf "${red}✖ %s${reset}\n" "$(echo "$@" | sed '/./,$!d')"
}
warnNotice() {
printf "${blue}✖ %s${reset}\n" "$(echo "$@" | sed '/./,$!d')"
}
note() {
printf "\n${bold}${blue}Note:${reset} ${blue}%s${reset}\n" "$(echo "$@" | sed '/./,$!d')"
}
typeExists() {
if [ $(type -P $1) ]; then
return 0
fi
return 1
}
if [ "x${BIN_PATH}x" = "xx" ]; then
if ! typeExists "gw-aws-audit"; then
error "gw-aws-audit is not installed"
note "To install run: curl https://i.jpillora.com/GoodwayGroup/gw-aws-audit! | bash"
note "Or use BIN_PATH=<path to binary> ./audit.sh"
exit 1
fi
BIN=gw-aws-audit
else
BIN=$BIN_PATH
fi
US="us-east-1 us-east-2 us-west-1 us-west-2"
EU="eu-central-1 eu-west-1 eu-west-2 eu-west-3 eu-south-1 eu-north-1"
AP="ap-east-1 ap-south-1 ap-northeast-3 ap-northeast-2 ap-southeast-1 ap-southeast-2 ap-northeast-1"
CHINA="cn-north-1 cn-northwest-1"
ROW="af-south-1 me-south-1 sa-east-2"
ALL="$US $EU $AP $ROW $CHINA"
if [[ "x$1x" == "xx" || "$1" == "-h" || "$1" == "--help" ]]; then
h1 "audit.sh helper script for gw-aws-audit"
h2 "Usage:"
cat <<EOF
audit.sh [gw-aws-audit commands]
EOF
h2 "Examples:"
cat <<EOF
> This will run the 'gw-aws-audit sg detached' command for every region in the US (default)
$ audit.sh sg detached
> This will run the 'gw-aws-audit ec2 stopped-hosts' for ONLY the us-west-2 region
$ AWS_REGION=us-west-2 audit.sh ec2 stopped-hosts
> This will run the 'gw-aws-audit ec2 stopped-hosts' for every region in the EU
$ REGION=eu audit.sh ec2 stopped-hosts
> This will run the 'gw-aws-audit cw monitoring' using a specific version of the tool.
$ BIN_PATH=./bin/gw-aws-audit audit.sh cw monitoring
EOF
note "REGION env values (default: US):"
cat <<EOF
US: $US
EU: $EU
AP: $AP
CH: $CHINA
ROW: $ROW
ALL: All of the above combined
You can also set AWS_REGION and that will supersede the value of REGION
EOF
success "Have fun!"
exit 0
fi
if [ "x${AWS_REGION}x" = "xx" ]; then
case $REGION in
us | US)
note "Processing for US Regions"
CHECK_REGIONS=$US
;;
ap | AP)
note "Processing for Asia Pacific Regions"
CHECK_REGIONS=$AP
;;
eu | EU)
note "Processing for EU Regions"
CHECK_REGIONS=$EU
;;
ch | CH | china | CHINA)
note "Processing for China Regions"
CHECK_REGIONS=$CHINA
;;
row | ROW)
note "Processing for Rest of World (ME, SA, AF) Regions"
CHECK_REGIONS=$ROW
;;
*)
note "Defaulting to US Regions"
CHECK_REGIONS=$US
;;
esac
else
CHECK_REGIONS=$AWS_REGION
fi
info "Regions: $CHECK_REGIONS"
info "Executing: $BIN ${@}"
for AWS_REGION in $CHECK_REGIONS; do
h1 "AWS_REGION=$AWS_REGION"
AWS_REGION=$AWS_REGION $BIN ${@}
echo ""
done
success "Done!"