Upload files to "/"
182
oci.sh
Normal file
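--- a/oci.sh
+++ b/oci.sh
@@ -0,0 +1,182 @@
+#!/bin/bash
+
+################# FUNCTION TO DISPLAY HELP
+show_help() {
+echo "Usage: oci.sh [OPTION]"
+echo "Options:"
+echo " -lu List all users in the tenancy"
+echo " -lc List all compartments in the tenancy"
+echo " -la List and parse audit events for a specific user (filtered by email)///ONLY WORKS FOR OWN DATA"
+echo " -h Show this help message"
+}
+
+
+SEP="echo -------------------------------"
+
+activate_venv() {
+$SEP
+echo "Activating oci-cli venv..."
+source $HOME/oci-cli/oci/bin/activate
+sleep 0.5
+$SEP
+}
+
+
+test_connection() {
+echo "Testing Oci Connection...."
+$SEP
+oci iam region list > /dev/null
+STATUS=$?
+
+if [[ $STATUS -eq 0 ]]; then
+echo "Test connection to oci completed succesfully!"
+else
+echo "Something went wrong, check oci-cli config file"
+exit 1
+fi
+}
+
+################# LIST ALL USERS IN TENANCY
+list_users_lite() {
+TENANCY_ID=$(oci iam compartment list --query 'data[0]."compartment-id"' --raw-output)
+echo "Listing users in tenancy: $TENANCY_ID"
+$SEP
+oci iam user list --compartment-id $TENANCY_ID | grep email | awk -F '"' '{print $4}' | grep -v '^$' | paste -sd ',' -
+$SEP
+}
+
+################# LIST ALL COMPARTMENTS IN TENANCY
+list_compartments() {
+echo "Listing all compartments in the tenancy"
+$SEP
+
+#////////////////TABLE HEADER\\\\\\\\\\\\\\\#########
+printf " %-25s | %-12s | %-25s | %-s\n" "Name" "State" "Created By" "Description"
+echo "$(printf '%.0s-' {1..130})"
+
+#////////////FETCH AND JQ PARSE\\\\\\\\\\\\\\\#
+oci iam compartment list --all --compartment-id-in-subtree true 2>/dev/null | \
+jq -r '.data[] |
+[
+(.name // ""),
+(.["lifecycle-state"] // ""),
+(.["defined-tags"]["Oracle-Tags"]["CreatedBy"] // "" | split("/")[1] // ""),
+(.description // "")
+] |
+@tsv' | \
+awk -F'\t' '{printf " %-25s | %-12s | %-25s | %s\n", $1, $2, $3, $4}'
+
+$SEP
+}
+
+################# LIST AUDIT EVENTS FOR USER
+list_audit_events() {
+TENANCY_ID=$(oci iam compartment list --query 'data[0]."compartment-id"' --raw-output)
+echo "Enter email to search audit events:"
+read -p "Email: " USER_EMAIL
+
+##### SELECT TIME RANGE
+echo "Select time range:"
+echo "1) This day"
+echo "2) Last 3 days"
+echo "3) Last 10 days"
+echo "4) Last month"
+echo "5) Last 90 days"
+read -p "Option (1-5): " TIME_OPTION
+
+##### SET TIME RANGE BASED ON SELECTION
+case "$TIME_OPTION" in
+1)
+START_TIME=$(date -u -d '1 day ago' +"%Y-%m-%dT%H:%M:%S.000Z")
+;;
+2)
+START_TIME=$(date -u -d '3 days ago' +"%Y-%m-%dT%H:%M:%S.000Z")
+;;
+3)
+START_TIME=$(date -u -d '10 days ago' +"%Y-%m-%dT%H:%M:%S.000Z")
+;;
+4)
+START_TIME=$(date -u -d '1 month ago' +"%Y-%m-%dT%H:%M:%S.000Z")
+;;
+5)
+START_TIME=$(date -u -d '90 days ago' +"%Y-%m-%dT%H:%M:%S.000Z")
+;;
+*)
+echo "Invalid option. Using last 90 days."
+START_TIME=$(date -u -d '90 days ago' +"%Y-%m-%dT%H:%M:%S.000Z")
+;;
+esac
+
+END_TIME=$(date -u +"%Y-%m-%dT%H:%M:%S.000Z")
+
+echo "Listing audit events for user: $USER_EMAIL"
+$SEP
+echo "Fetching audit events (this may take a moment)..."
+
+################## FETCH AND PARSE AUDIT EVENTS //// WILL ONLY DISPLAY DATA OF USER MATCHING THE FINGERPRINT IN OCI-CLI CONFIG FILE (OWN DATA)
+echo " Timestamp | Event | Service | Action | Status | Description | User | IP Address "
+echo "$(printf '%.0s-' {1..130})"
+
+timeout 120 oci audit event list \
+--compartment-id $TENANCY_ID \
+--start-time "$START_TIME" \
+--end-time "$END_TIME" \
+--all 2>/dev/null | \
+jq --arg email "$USER_EMAIL" \
+'.data |
+map(select(
+((.data."defined-tags"."Oracle-Tags"."CreatedBy" // "") | contains($email)) or
+((.data.identity."principal-name" // "") | contains($email)) or
+((.data."compartment-name" // "") | contains($email))
+)) |
+.[] |
+{
+"Time": (."event-time" | split("+")[0] | split(".")[0]),
+"Event": .data."event-name",
+"Source": .source,
+"Action": .data.request.action,
+"Status": .data.response.status,
+"Message": .data.response.message,
+"Principal": .data.identity."principal-name",
+"IP": .data.identity."ip-address"
+}' \
+2>/dev/null | \
+jq -r '[.Time, .Event, .Source, .Action, .Status, .Message, .Principal, .IP] | @tsv' | \
+column -t -s $'\t' || echo "No audit events found for: $USER_EMAIL"
+
+$SEP
+echo "Audit events retrieval completed for: $USER_EMAIL"
+}
+
+################# MAIN FUNC
+if [[ $# -eq 0 ]]; then
+#####ALWAYS ACTIVATE VENV AND TEST CONNECTION TO OCI
+activate_venv
+test_connection
+else
+case "$1" in
+-lu)
+activate_venv
+test_connection
+list_users_lite
+;;
+-lc)
+activate_venv
+test_connection
+list_compartments
+;;
+-la)
+activate_venv
+test_connection
+list_audit_events
+;;
+-h|--help)
+show_help
+;;
+*)
+echo "Unknown option: $1"
+show_help
+exit 1
+;;
+esac
+fi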
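Review bot: In `list_audit_events`, a failed or timed-out `oci audit event list` looks exactly like a user with no events. Both the oci and the first jq stage discard stderr with `2>/dev/null`, and `pipefail` is never set, so the `|| echo "No audit events found ..."` fallback only reflects the exit status of `column`, and "Audit events retrieval completed" is printed either way. For a script used to review audit activity, that turns an authorization error or the 120-second timeout into a clean-looking empty table. I would add `set -o pipefail` near the top, drop the two `2>/dev/null` redirections, and have the fallback report that the query failed rather than that nothing was found. The jq filter uses `contains($email)`, so an empty answer at the `Email:` prompt matches every event; a guard such as `[[ -n "$USER_EMAIL" ]] || { echo "Email is required" >&2; exit 1; }` after the `read` closes that. `--compartment-id $TENANCY_ID` is also unquoted and unchecked, so an empty result from the `data[0]` lookup reaches the CLI as a missing argument.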