WhoDat/ls-report.sh at main · FMI-Test/WhoDat · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
#!/bin/bash

# Process Logical Segregation Report

myDir="$( dirname "$0" )"
source "${myDir}/incl.sh"

export DATAFOLDER='/tmp/oneidm'

TITLE="GR2-0 / CoreTech ${GREEN}Logical Segregation Report${NORMAL}"
ppwide "$(date) ${TITLE}"

echo
echo -e "Select Execution Options"
wline

# Go/no-go Check - Cleanup /tmp/oneidm
GO_CLN=$(goNoGoCheck "1. Do you want to clean ${DATAFOLDER}")
echo

# Go/no-go Check - Commercial
GO_COM=$(goNoGoCheck "2. Do you want to run Commercial report")
echo

# Go/no-go Check - GovCloud
GO_GOV=$(goNoGoCheck "3. Do you want to run GovCloud Report")
echo

iDebug "GO_CLN :: $GO_CLN"
iDebug "GO_COM :: $GO_COM"
iDebug "GO_GOV :: $GO_GOV"

echo
echo -e "Selected Execution Options"
wline
[ 0 -eq "$GO_CLN" ] && echo -e "${Green}KEEP${NC} 1. Clean ${DATAFOLDER}"  || echo -e "${Yellow}SKIP 1. Clean ${DATAFOLDER}${NC}"
[ 0 -eq "$GO_COM" ] && echo -e "${Green}KEEP${NC} 2. Run Commercial Report" || echo -e "${Yellow}SKIP 2. Commercial Report${NC} "
[ 0 -eq "$GO_GOV" ] && echo -e "${Green}KEEP${NC} 3. Run GovCloud Report" || echo -e "${Yellow}SKIP 3. Run GovCloud Report${NC}"
wline

# Go/no-go - Final
goNoGo
echo

# Clean 'DATAFOLDER' folder
[ 0 -eq "$GO_CLN" ] && rm -r "$DATAFOLDER"

### I. Get IAM Roles Trust Relationship / Commercial
# Commercial › Setting › Run from whodat dir
if [ 0 -eq "$GO_COM" ]; then
    export AWS_PROFILE=GEAdmin
    export DATAFOLDER='/tmp/oneidm'
    export INPUT='gect-sox-com'
    export INPUT_FILE="inputs/${INPUT}.tab"
    export LOG_FILE="${DATAFOLDER}/${INPUT}.log"
    export LOG_BASH="${DATAFOLDER}/${INPUT}.sh.log"
    export SED_FILT='s/\x1b\[[0-9;]*[a-zA-Z]//g'  # Filter Colors

    # 1. Commercial › Setting › Gos3 Login
    gos3 mmp | tee $LOG_BASH

    # 2. Commercial › Check & Validate Input
    ./oneidm-explorer.sh --input $INPUT | tee $LOG_BASH

    # 3. Commercial › Process Roles & Trust Relationships
    src/iam-list-roles-trust.py --input-file inputs/${INPUT}.tab

    # 4. Commercial Users Credentials
    src/qar_utility.py --datafolder $DATAFOLDER --input-file $INPUT_FILE -cs

    # 4.1 Commercial Users Credentials - rerun
    src/qar_utility.py --datafolder $DATAFOLDER --input-file $INPUT_FILE -cs
fi

### II. Get IAM Roles Trust Relationship / GovCloud
# GovCloud › Setting › Run from whodat dir
if [ 0 -eq "$GO_GOV" ]; then
    export AWS_PROFILE=Gov-GEAdmin
    export DATAFOLDER='/tmp/oneidm'
    export INPUT='gect-sox-gov'
    export INPUT_FILE="inputs/${INPUT}.tab"
    export LOG_FILE="${DATAFOLDER}/${INPUT}.log"
    export LOG_BASH="${DATAFOLDER}/${INPUT}.sh.log"
    export SED_FILT='s/\x1b\[[0-9;]*[a-zA-Z]//g'  # Filter Colors

    # 1. GovCloud › Setting › Gos3 Login
    gos3 mmp-gov | tee $LOG_BASH

    # 2. GovCloud › Check & Validate Input
    ./oneidm-explorer.sh --input $INPUT | tee $LOG_BASH

    # 3. GovCloud › Process Roles & Trust Relationships
    src/iam-list-roles-trust.py --input-file inputs/${INPUT}.tab

    # 4. Commercial Users Credentials
    src/qar_utility.py --datafolder $DATAFOLDER --input-file $INPUT_FILE -cs

    # 4.1 Commercial Users Credentials - rerun
    src/qar_utility.py --datafolder $DATAFOLDER --input-file $INPUT_FILE -cs
fi

## III. Extract DL Groups, Groups Managers, Groups Users & Account Users
# 1. Env Vars
export COM_FILE='/tmp/oneidm/gect-sox-com-dl-list.json'
export GOV_FILE='/tmp/oneidm/gect-sox-gov-dl-list.json'
export OUT_FILE='/tmp/oneidm/gect-sox-LS-Groups-Report.csv'

# 2. Combine Commercial & GovCloud DL names to query string
EC=0
while [ 0 -eq "$EC" ]; do
    # 3. If there is any missing DL name add it $COM_FILE rerutn #2
    # 4. Create new Logical Segregation report & Updaet its data from $OUT_FILE
    QUERY=$(jq -r '.[]' $COM_FILE | tr -d '[]",' | tr '\n' ',';jq -r '.[]' $GOV_FILE | tr -d '[]",' | tr '\n' ',')
    src/oneidm-extract.py --query "$QUERY" --output-file $OUT_FILE --append-file $COM_FILE
    EC="$?"
done


# 5. Commercial Users
if [ 0 -eq "$GO_COM" ]; then
    export USER_IN='/tmp/oneidm/gect-sox-com-LS-Credentials-Report.json'
    export USER_OT='/tmp/oneidm/gect-sox-com-LS-Users-Report.csv'
    src/oneidm-extract.py --input-user $USER_IN --output-file $USER_OT
fi

# 6. GovCloud Users
if [ 0 -eq "$GO_GOV" ]; then
    export USER_IN='/tmp/oneidm/gect-sox-gov-LS-Credentials-Report.json'
    export USER_OT='/tmp/oneidm/gect-sox-gov-LS-Users-Report.csv'
    src/oneidm-extract.py --input-user $USER_IN --output-file $USER_OT
fi

echo -e "
## IV. Consolidate All to One File
1. Create **new Logical Segration folder** from `template`
    - Copy Source: 'LS-2024-Template'
    - Rename Copy: LS-2024-'MM'-'DD'-CT-SOX
2. Copy data form 'DATAFOLDER' to **new Logical Segration folder** 'data-files'
3. From **new Logical Segration folder** open Excel file
4. Copy/Paste 'data-files/gect-sox-LS-Groups-Report.csv'
5. Copy/Paste 'data-files/gect-sox-com-LS-Users-Report.csv'
6. Copy/Paste 'data-files/gect-sox-gov-LS-Users-Report.csv'
7. Make sure all rows with data has relevant formula
8. Make sure all rows without data has no invalid formula
9. Upload to Box
"