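#!/bin/bash
#
# Applies a set of AWS account settings by calling helper functions from the
# aws-scripts project, per region and then account-wide.
#
# Everything this script calls (Enable-VpcFlowLogs, Create-S3LogBuckets,
# Set-DefaultSGRules, Delete-DefaultNaclRule, Enable-S3BucketLogging,
# Enable-S3ObjectVersioning, Create-DefaultKey, Disable-InactiveAccessKeys)
# and the variables all_regions, used_regions, s3_user_id and
# s3_owner_display_name are defined in the sourced files, not here.

# Define aws cli profile to use
profile="default"

base_dir="/Users/gsoyka/Projects/aws-scripts"
vars_file="${base_dir}/vars/${profile}.sh"

# Source Functions
# Every regular file in this directory is executed in the current shell with
# the caller's AWS credentials, so the directory should be writable only by
# the operator who runs this script.
sourced_count=0
for file in "${base_dir}"/functions/*; do
  # An unmatched glob is left as the literal pattern; skip it and anything
  # that is not a regular file.
  [[ -f "$file" ]] || continue
  echo "Sourcing $file"
  # shellcheck source=/dev/null
  source "$file"
  sourced_count=$((sourced_count + 1))
done
if (( sourced_count == 0 )); then
  echo "No function files found in ${base_dir}/functions" >&2
  exit 1
fi

# Source variables
# Stop here if the profile's variables are missing: without them the region
# loops would do nothing and the account-wide steps would run with blank
# arguments.
if [[ ! -r "$vars_file" ]]; then
  echo "Cannot read variables file: $vars_file" >&2
  exit 1
fi
# shellcheck source=/dev/null
source "$vars_file"

# The vars file is not visible here, so accept either an array or a
# whitespace-separated string for both region lists. Splitting is intended;
# region names contain no spaces or glob characters.
# shellcheck disable=SC2206
all_region_list=( ${all_regions[*]} )
# shellcheck disable=SC2206
used_region_list=( ${used_regions[*]} )

if (( ${#all_region_list[@]} == 0 )); then
  echo "all_regions is empty after sourcing $vars_file" >&2
  exit 1
fi

### Main ###

# Iterate over all regions
for region in "${all_region_list[@]}"; do
  Enable-VpcFlowLogs "$profile" "$region"
done

# Iterate over all used regions
for region in "${used_region_list[@]}"; do
  Create-S3LogBuckets "$profile" "$region"
done

# Iterate over all unused regions
# The original loop expanded $all_regions, which yields only the first element
# when all_regions is an array, so every other unused region was skipped.
for region in "${all_region_list[@]}"; do
  # Exact comparison: a regex/substring match against the joined list could
  # misclassify a region, and the else-branch changes network rules.
  region_is_used=0
  for used_region in "${used_region_list[@]}"; do
    if [[ "$used_region" == "$region" ]]; then
      region_is_used=1
      break
    fi
  done

  if (( region_is_used )); then
    printf '\n%s is in Used Regions; Ignoring\n' "$region"
  else
    # NOTE(review): presumably these restrict the default security group and
    # remove the default NACL rule in the region - confirm against the
    # function definitions before running on a new account.
    Set-DefaultSGRules "$profile" "$region"
    Delete-DefaultNaclRule "$profile" "$region"
  fi
done

# Enable bucket logging for all buckets in account
Enable-S3BucketLogging "$profile" "$s3_user_id" "$s3_owner_display_name"

# Enable S3 Object versioning for all buckets
Enable-S3ObjectVersioning "$profile"

# Ensure that a customer managed encryption key exists in all regions
Create-DefaultKey "$profile"

# Disable access keys that have not been used in 90 days
Disable-InactiveAccessKeys "$profile"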