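#!/bin/bash
# existing.sh - bring the demo environment up or down with the Terraform
# configuration in ./existing, for a bucket named at the prompt.
# Usage: ./existing.sh up|down   (run from the cloud-storage-protection root)

# Path removed again by the "down" branch.
# NOTE(review): presumably populated by configure_cloud_shell - confirm.
export TESTS="${HOME}/testfiles"

# ANSI colour escapes, rendered by `echo -e`.
RD="\033[1;31m"
GRN="\033[1;33m" # NOTE(review): 1;33 is bold yellow despite the name
NC="\033[0;0m"
LB="\033[1;34m"

# Source the common functions. die and the gcp_*/cs_* helpers are not defined
# in this script, so they presumably come from this file. Check for it first:
# a failed `source` does not stop bash, and the script would otherwise go on
# to prompt for API credentials with every helper undefined.
if ! [[ -r ./.functions.sh ]]; then
  echo "Cannot read ./.functions.sh; run this script from the cloud-storage-protection root directory" >&2
  exit 1
fi
source ./.functions.sh

# Ensure script is run in cloud-storage-protection directory
if ! [[ -d existing && -d cloud-function ]]; then
  die "Please run this script from the cloud-storage-protection root directory"
fi

if [[ -z "$1" ]]; then
  echo "You must specify 'up' or 'down' to run this script" >&2
  exit 1
fi

# Lower-case the mode. The character classes are quoted so the shell cannot
# glob-expand them against file names in the current directory, and printf
# is used so an argument such as "-n" is not swallowed as an echo option.
MODE=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')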
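# "up": collect the CrowdStrike API credentials, verify them, then apply the
# Terraform configuration in ./existing and configure the shell.
if [[ "$MODE" == "up" ]]; then
  # Get the GCP project ID
  PROJECT_ID=$(gcp_get_project_id)
  echo "--------------------------------------------------"
  echo "Using GCP project ID: $PROJECT_ID"
  echo "--------------------------------------------------"
  # -s keeps the credentials off the terminal; -r stops read from treating
  # backslashes in a pasted value as escape characters.
  read -rsp "CrowdStrike API Client ID: " FID
  echo
  read -rsp "CrowdStrike API Client SECRET: " FSECRET
  echo
  read -rp "Bucket name: " BUCKET_NAME
  # Make sure variables are not empty
  if [[ -z "$FID" || -z "$FSECRET" ]]; then
    die "You must specify a valid CrowdStrike API Client ID and SECRET"
  fi
  if [[ -z "$BUCKET_NAME" ]]; then
    die "You must specify a bucket name"
  fi
  # Verify the CrowdStrike API credentials
  echo "Verifying CrowdStrike API credentials..."
  # NOTE(review): cs_falcon_cloud and response_headers are presumably read by
  # cs_verify_auth / cs_set_base_url as globals - confirm in .functions.sh.
  cs_falcon_cloud="us-1"
  response_headers=$(mktemp) || die "Unable to create a temporary file"
  cs_verify_auth
  # Get the base URL for the CrowdStrike API
  cs_set_base_url
  echo "Falcon Cloud URL set to: $(cs_cloud)"
  # Cleanup tmp file
  # NOTE(review): not reached if a helper above exits early; an EXIT trap
  # would cover that, provided .functions.sh does not install its own.
  rm -f -- "${response_headers}"
  # Initialize Terraform
  if ! [[ -f existing/.terraform.lock.hcl ]]; then
    terraform -chdir=existing init || die "Terraform init failed"
  fi
  # Apply Terraform. The API client ID and secret are handed over as TF_VAR_*
  # environment variables scoped to this one command instead of --var
  # arguments, so they do not appear in the process argument list. The
  # remaining values are quoted so spaces or glob characters typed at the
  # prompt cannot split into extra terraform arguments.
  TF_VAR_falcon_client_id="$FID" TF_VAR_falcon_client_secret="$FSECRET" \
    terraform -chdir=existing apply -compact-warnings \
    --var "project_id=$PROJECT_ID" --var "base_url=$(cs_cloud)" \
    --var "bucket_name=$BUCKET_NAME" --auto-approve ||
    die "Terraform apply failed"
  echo -e "$GRN\nPausing for 30 seconds to allow configuration to settle.$NC"
  sleep 30
  configure_cloud_shell "existing"
  exit 0
fi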
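# "down": destroy the Terraform-managed resources, then remove what the demo
# left on this machine.
if [[ "$MODE" == "down" ]]; then
  # Destroy Terraform
  read -rp "Bucket name: " BUCKET_NAME
  # Reject an empty name up front rather than hand Terraform an empty
  # bucket_name inside the retry loop below.
  [[ -n "$BUCKET_NAME" ]] || die "You must specify a bucket name"
  # Retry until destroy succeeds.
  # NOTE(review): the loop has no attempt limit, so a persistent failure
  # (wrong bucket name, expired login) repeats until interrupted.
  until terraform -chdir=existing destroy -compact-warnings \
    --var "bucket_name=$BUCKET_NAME" --auto-approve; do
    echo -e "$RD\nTerraform destroy failed. Retrying in 5 seconds.$NC"
    sleep 5
  done
  # Best-effort cleanup: errors are discarded on purpose, since the files may
  # already be gone. `--` ends option parsing and ${TESTS:?} aborts instead of
  # running rm -rf with an empty path.
  sudo rm -f -- /usr/local/bin/get-findings /usr/local/bin/upload /usr/local/bin/list-bucket 2>/dev/null
  rm -rf -- "${TESTS:?}" /tmp/malicious 2>/dev/null
  env_destroyed
  exit 0
fi
# Reached only when the mode is neither "up" nor "down".
die "Invalid command specified."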