JoeKarlsson · October 25, 2024 19:53
diff --git a/README.md b/README.md
diff --git a/multi_cloud_demo.sh b/multi_cloud_demo.sh
 #!/usr/bin/env bash

 #################################
 # include the -=magic=-
 # you can pass command line args
 #
 # example:
 # to disable simulated typing
 # . ../demo-magic.sh -d
 #
 # pass -h to see all options
 #################################
 . ./demo-magic.sh


 ########################
 # Configure the options
 ########################

 #
 # speed at which to simulate typing. bigger num = faster
 #
 TYPE_SPEED=100

 #
 # custom prompt
 #
 # see http://www.tldp.org/HOWTO/Bash-Prompt-HOWTO/bash-prompt-escape-sequences.html for escape sequences
 #
 DEMO_PROMPT="${GREEN}➜ ${CYAN}\W ${COLOR_RESET}"

 # text color
 # DEMO_CMD_COLOR=$BLACK

 # enters interactive mode and allows newly typed command to be executed
 cmd

 # Clean up previous demo and hide the evidence
 ei "[ -f 'aws_to_postgresql.yaml' ] && rm 'aws_to_postgresql.yaml'"
 ei "[ -f 'gcp_to_postgresql.yaml' ] && rm 'gcp_to_postgresql.yaml'"
 clear

 wait

 pei "brew install cloudquery/tap/cloudquery"

 pei "cloudquery login"

 p "Initialize the project with an AWS to PostgreSQL sync"

 pei "cloudquery init --source=aws --destination=postgresql"

 wait

 p "Change CloudQuery config so it syncs aws_s3_buckets"

 pei "sed -i '' 's/tables: \[\"aws_ec2_instances\"\]/tables: \[\"aws_s3_buckets\"\]/' aws_to_postgresql.yaml"

 pei "code aws_to_postgresql.yaml"

 wait

 clear

 pei "docker run --name postgres_container \
  --restart unless-stopped \
  --env POSTGRES_USER=postgres \
  --env POSTGRES_PASSWORD=postgres \
  --env POSTGRES_HOST=db \
  --env POSTGRES_DB=asset_inventory \
  --publish 5432:5432 \
  --volume pgdata:/var/lib/postgresql/data \
  postgres"

 pei "docker exec -it postgres_container psql -U postgres -c 'CREATE DATABASE asset_inventory;'"

 pei "export POSTGRESQL_CONNECTION_STRING='postgresql://postgres:postgres@localhost:5432/asset_inventory'"

 clear

 pe "cloudquery sync aws_to_postgresql.yaml"

 wait

 p "List the first 10 S3 buckets in the database"

 pe "docker exec -it postgres_container psql -U postgres -d asset_inventory -c 'SELECT name, region FROM aws_s3_buckets LIMIT 10;'"

 wait

 clear

 p "List all buckets created in the last 30 days, grouped by region"

 pe "docker exec -it postgres_container psql -U postgres -d asset_inventory -c \"
 SELECT 
    region, 
    COUNT(*) AS bucket_count 
 FROM 
    aws_s3_buckets 
 WHERE 
    creation_date >= NOW() - INTERVAL '30 days'
 GROUP BY 
    region
 ORDER BY 
    bucket_count DESC;
 \""

 wait

 clear

 p "Identify buckets with public access policies"

 pe "docker exec -it postgres_container psql -U postgres -d asset_inventory -c \"
 SELECT 
    name, 
    arn, 
    policy_status 
 FROM 
    aws_s3_buckets 
 WHERE 
    policy_status->>'isPublic' = 'true';
 \""

 # ~/google-cloud-sdk/bin/gcloud init # gcloud init 

 p "Next, let's add GCP to our Asset Inventory - initialize the project with a GCP to PostgreSQL sync"

 pe "cloudquery init --source=gcp --destination=postgresql"

 wait

 # pei "~/google-cloud-sdk/bin/gcloud auth application-default login" # gcloud auth application-default login

 pei "sed -i '' '/project_ids: \[\"my-project\"\]/d' gcp_to_postgresql.yaml"

 pei "cloudquery sync gcp_to_postgresql.yaml"

 wait

 p "Count the number of storage buckets per location in GCP"

 pe 'docker exec -it postgres_container psql -U postgres -d asset_inventory -c "
 SELECT 
    location, 
    COUNT(*) AS bucket_count, 
    SUM(CASE WHEN public_access_prevention = 1 THEN 1 ELSE 0 END) AS public_access_prevention_enabled
 FROM 
    gcp_storage_buckets 
 GROUP BY 
    location
 ORDER BY 
    bucket_count DESC;"
 '

 wait

 clear

 p "Count buckets by location and identify how many have public access prevention enabled"

 pe "docker exec -it postgres_container psql -U postgres -d asset_inventory -c \"
 SELECT 
    location, 
    COUNT(*) AS bucket_count, 
    SUM(CASE WHEN public_access_prevention = 1 THEN 1 ELSE 0 END) AS public_access_prevention_enabled
 FROM 
    gcp_storage_buckets 
 GROUP BY 
    location
 ORDER BY 
    bucket_count DESC;
 \""

 wait

 clear

 p "Retrieve bucket names, their creation dates, regions/locations, and cloud provider information from both AWS and GCP."

 pe "docker exec -it postgres_container psql -U postgres -d asset_inventory -c \"
 SELECT 
    name AS bucket_name,
    creation_date AS created_date,
    region AS location,
    'AWS' AS cloud_provider
 FROM 
    aws_s3_buckets

 UNION ALL

 SELECT 
    name AS bucket_name,
    created AS created_date,
    location AS location,
    'GCP' AS cloud_provider
 FROM 
    gcp_storage_buckets
 ORDER BY 
    created_date DESC;
 \""

 wait

 p "Done!"

 wait

 p "Press ENTER to reset..."

 wait

 clear

 pei "[ -f 'aws_to_postgresql.yaml' ] && rm 'aws_to_postgresql.yaml'"
 pei "[ -f 'gcp_to_postgresql.yaml' ] && rm 'gcp_to_postgresql.yaml'"
	#!/usr/bin/env bash

	#################################
	# include the -=magic=-
	# you can pass command line args
	#
	# example:
	# to disable simulated typing
	# . ../demo-magic.sh -d
	#
	# pass -h to see all options
	#################################
	. ./demo-magic.sh


	########################
	# Configure the options
	########################

	#
	# speed at which to simulate typing. bigger num = faster
	#
	TYPE_SPEED=100

	#
	# custom prompt
	#
	# see http://www.tldp.org/HOWTO/Bash-Prompt-HOWTO/bash-prompt-escape-sequences.html for escape sequences
	#
	DEMO_PROMPT="${GREEN}➜ ${CYAN}\W ${COLOR_RESET}"

	# text color
	# DEMO_CMD_COLOR=$BLACK

	# enters interactive mode and allows newly typed command to be executed
	cmd

	# Clean up previous demo and hide the evidence
	ei "[ -f 'aws_to_postgresql.yaml' ] && rm 'aws_to_postgresql.yaml'"
	ei "[ -f 'gcp_to_postgresql.yaml' ] && rm 'gcp_to_postgresql.yaml'"
	clear

	wait

	pei "brew install cloudquery/tap/cloudquery"

	pei "cloudquery login"

	p "Initialize the project with an AWS to PostgreSQL sync"

	pei "cloudquery init --source=aws --destination=postgresql"

	wait

	p "Change CloudQuery config so it syncs aws_s3_buckets"

	pei "sed -i '' 's/tables: \[\"aws_ec2_instances\"\]/tables: \[\"aws_s3_buckets\"\]/' aws_to_postgresql.yaml"

	pei "code aws_to_postgresql.yaml"

	wait

	clear

	pei "docker run --name postgres_container \
	--restart unless-stopped \
	--env POSTGRES_USER=postgres \
	--env POSTGRES_PASSWORD=postgres \
	--env POSTGRES_HOST=db \
	--env POSTGRES_DB=asset_inventory \
	--publish 5432:5432 \
	--volume pgdata:/var/lib/postgresql/data \
	postgres"

	pei "docker exec -it postgres_container psql -U postgres -c 'CREATE DATABASE asset_inventory;'"

	pei "export POSTGRESQL_CONNECTION_STRING='postgresql://postgres:postgres@localhost:5432/asset_inventory'"

	clear

	pe "cloudquery sync aws_to_postgresql.yaml"

	wait

	p "List the first 10 S3 buckets in the database"

	pe "docker exec -it postgres_container psql -U postgres -d asset_inventory -c 'SELECT name, region FROM aws_s3_buckets LIMIT 10;'"

	wait

	clear

	p "List all buckets created in the last 30 days, grouped by region"

	pe "docker exec -it postgres_container psql -U postgres -d asset_inventory -c \"
	SELECT
	region,
	COUNT(*) AS bucket_count
	FROM
	aws_s3_buckets
	WHERE
	creation_date >= NOW() - INTERVAL '30 days'
	GROUP BY
	region
	ORDER BY
	bucket_count DESC;
	\""

	wait

	clear

	p "Identify buckets with public access policies"

	pe "docker exec -it postgres_container psql -U postgres -d asset_inventory -c \"
	SELECT
	name,
	arn,
	policy_status
	FROM
	aws_s3_buckets
	WHERE
	policy_status->>'isPublic' = 'true';
	\""

	# ~/google-cloud-sdk/bin/gcloud init # gcloud init

	p "Next, let's add GCP to our Asset Inventory - initialize the project with a GCP to PostgreSQL sync"

	pe "cloudquery init --source=gcp --destination=postgresql"

	wait

	# pei "~/google-cloud-sdk/bin/gcloud auth application-default login" # gcloud auth application-default login

	pei "sed -i '' '/project_ids: \[\"my-project\"\]/d' gcp_to_postgresql.yaml"

	pei "cloudquery sync gcp_to_postgresql.yaml"

	wait

	p "Count the number of storage buckets per location in GCP"

	pe 'docker exec -it postgres_container psql -U postgres -d asset_inventory -c "
	SELECT
	location,
	COUNT(*) AS bucket_count,
	SUM(CASE WHEN public_access_prevention = 1 THEN 1 ELSE 0 END) AS public_access_prevention_enabled
	FROM
	gcp_storage_buckets
	GROUP BY
	location
	ORDER BY
	bucket_count DESC;"
	'

	wait

	clear

	p "Count buckets by location and identify how many have public access prevention enabled"

	pe "docker exec -it postgres_container psql -U postgres -d asset_inventory -c \"
	SELECT
	location,
	COUNT(*) AS bucket_count,
	SUM(CASE WHEN public_access_prevention = 1 THEN 1 ELSE 0 END) AS public_access_prevention_enabled
	FROM
	gcp_storage_buckets
	GROUP BY
	location
	ORDER BY
	bucket_count DESC;
	\""

	wait

	clear

	p "Retrieve bucket names, their creation dates, regions/locations, and cloud provider information from both AWS and GCP."

	pe "docker exec -it postgres_container psql -U postgres -d asset_inventory -c \"
	SELECT
	name AS bucket_name,
	creation_date AS created_date,
	region AS location,
	'AWS' AS cloud_provider
	FROM
	aws_s3_buckets

	UNION ALL

	SELECT
	name AS bucket_name,
	created AS created_date,
	location AS location,
	'GCP' AS cloud_provider
	FROM
	gcp_storage_buckets
	ORDER BY
	created_date DESC;
	\""

	wait

	p "Done!"

	wait

	p "Press ENTER to reset..."

	wait

	clear

	pei "[ -f 'aws_to_postgresql.yaml' ] && rm 'aws_to_postgresql.yaml'"
	pei "[ -f 'gcp_to_postgresql.yaml' ] && rm 'gcp_to_postgresql.yaml'"