-
Notifications
You must be signed in to change notification settings - Fork 3
/
gcp-cis-config.sh
executable file
·25 lines (22 loc) · 7.86 KB
/
gcp-cis-config.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
#!/bin/zsh
lacework_tenant=$2
#Set data strings
disable_cis_10='{"GCP_CIS_1_1": "disable","GCP_CIS_1_2": "disable","GCP_CIS_1_3": "disable","GCP_CIS_1_4": "disable","GCP_CIS_1_5": "disable","GCP_CIS_1_6": "disable","GCP_CIS_1_7": "disable","GCP_CIS_1_8": "disable","GCP_CIS_1_9": "disable","GCP_CIS_1_10": "disable","GCP_CIS_1_11": "disable","GCP_CIS_1_12": "disable","GCP_CIS_1_13": "disable","GCP_CIS_2_1": "disable","GCP_CIS_2_2": "disable","GCP_CIS_2_3": "disable","GCP_CIS_2_4": "disable","GCP_CIS_2_5": "disable","GCP_CIS_2_6": "disable","GCP_CIS_2_7": "disable","GCP_CIS_2_8": "disable","GCP_CIS_2_9": "disable","GCP_CIS_2_10": "disable","GCP_CIS_2_11": "disable","GCP_CIS_3_1": "disable","GCP_CIS_3_2": "disable","GCP_CIS_3_3": "disable","GCP_CIS_3_4": "disable","GCP_CIS_3_5": "disable","GCP_CIS_3_6": "disable", "GCP_CIS_3_7": "disable", "GCP_CIS_3_8": "disable", "GCP_CIS_4_1": "disable", "GCP_CIS_4_2": "disable", "GCP_CIS_4_3": "disable", "GCP_CIS_4_4": "disable", "GCP_CIS_4_5": "disable", "GCP_CIS_4_6": "disable", "GCP_CIS_5_1": "disable", "GCP_CIS_5_2": "disable", "GCP_CIS_5_3": "disable", "GCP_CIS_6_1": "disable", "GCP_CIS_6_2": "disable", "GCP_CIS_6_3": "disable", "GCP_CIS_6_4": "disable", "GCP_CIS_7_1": "disable", "GCP_CIS_7_2": "disable", "GCP_CIS_7_3": "disable", "GCP_CIS_7_4": "disable", "GCP_CIS_7_5": "disable", "GCP_CIS_7_6": "disable", "GCP_CIS_7_7": "disable", "GCP_CIS_7_8": "disable", "GCP_CIS_7_9": "disable", "GCP_CIS_7_10": "disable", "GCP_CIS_7_11": "disable", "GCP_CIS_7_12": "disable", "GCP_CIS_7_13": "disable", "GCP_CIS_7_14": "disable", "GCP_CIS_7_15": "disable", "GCP_CIS_7_16": "disable", "GCP_CIS_7_17": "disable", "GCP_CIS_7_18": "disable" }'
disable_cis_12='{"GCP_CIS12_1_1": "disable","GCP_CIS12_1_2": "disable","GCP_CIS12_1_3": "disable","GCP_CIS12_1_4": "disable","GCP_CIS12_1_5": "disable","GCP_CIS12_1_6": "disable","GCP_CIS12_1_7": "disable","GCP_CIS12_1_8": "disable","GCP_CIS12_1_9": "disable","GCP_CIS12_1_10": "disable","GCP_CIS12_1_11": "disable","GCP_CIS12_1_12": "disable","GCP_CIS12_1_13": "disable","GCP_CIS12_1_14": "disable","GCP_CIS12_1_15": "disable","GCP_CIS12_2_1": "disable","GCP_CIS12_2_2": "disable","GCP_CIS12_2_3": "disable","GCP_CIS12_2_4": "disable","GCP_CIS12_2_5": "disable","GCP_CIS12_2_6": "disable","GCP_CIS12_2_7": "disable","GCP_CIS12_2_8": "disable","GCP_CIS12_2_9": "disable","GCP_CIS12_2_10": "disable","GCP_CIS12_2_11": "disable","GCP_CIS12_2_12": "disable","GCP_CIS12_3_1": "disable","GCP_CIS12_3_2": "disable","GCP_CIS12_3_3": "disable","GCP_CIS12_3_4": "disable","GCP_CIS12_3_5": "disable","GCP_CIS12_3_6": "disable","GCP_CIS12_3_7": "disable","GCP_CIS12_3_8": "disable","GCP_CIS12_3_9": "disable","GCP_CIS12_3_10": "disable","GCP_CIS12_4_1": "disable","GCP_CIS12_4_2": "disable","GCP_CIS12_4_3": "disable","GCP_CIS12_4_4": "disable","GCP_CIS12_4_5": "disable","GCP_CIS12_4_6": "disable","GCP_CIS12_4_7": "disable","GCP_CIS12_4_8": "disable","GCP_CIS12_4_9": "disable","GCP_CIS12_4_10": "disable","GCP_CIS12_4_11": "disable","GCP_CIS12_5_1": "disable","GCP_CIS12_5_2": "disable","GCP_CIS12_6_1_1": "disable","GCP_CIS12_6_1_2": "disable","GCP_CIS12_6_1_3": "disable","GCP_CIS12_6_2_1": "disable","GCP_CIS12_6_2_2": "disable","GCP_CIS12_6_2_3": "disable","GCP_CIS12_6_2_4": "disable","GCP_CIS12_6_2_5": "disable","GCP_CIS12_6_2_6": "disable","GCP_CIS12_6_2_7": "disable","GCP_CIS12_6_2_8": "disable","GCP_CIS12_6_2_9": "disable","GCP_CIS12_6_2_10": "disable","GCP_CIS12_6_2_11": "disable","GCP_CIS12_6_2_12": "disable","GCP_CIS12_6_2_13": "disable","GCP_CIS12_6_2_14": "disable","GCP_CIS12_6_2_15": "disable","GCP_CIS12_6_2_16": "disable","GCP_CIS12_6_3_1": "disable","GCP_CIS12_6_3_2": "disable","GCP_CIS12_6_3_3": "disable","GCP_CIS12_6_3_4": "disable","GCP_CIS12_6_3_5": "disable","GCP_CIS12_6_3_6": "disable","GCP_CIS12_6_3_7": "disable","GCP_CIS12_6_4": "disable","GCP_CIS12_6_5": "disable","GCP_CIS12_6_6": "disable","GCP_CIS12_6_7": "disable","GCP_CIS12_7_1": "disable","GCP_CIS12_7_2": "disable","GCP_CIS12_7_3": "disable","GCP_K8S_1_1": "disable","GCP_K8S_1_2": "disable","GCP_K8S_1_3": "disable","GCP_K8S_1_4": "disable","GCP_K8S_1_5": "disable","GCP_K8S_1_6": "disable","GCP_K8S_1_7": "disable","GCP_K8S_1_8": "disable","GCP_K8S_1_9": "disable","GCP_K8S_1_10": "disable","GCP_K8S_1_11": "disable","GCP_K8S_1_12": "disable","GCP_K8S_1_13": "disable","GCP_K8S_1_14": "disable","GCP_K8S_1_15": "disable","GCP_K8S_1_16": "disable","GCP_K8S_1_17": "disable","GCP_K8S_1_18": "disable"}'
enable_cis_12='{"GCP_CIS12_1_1": "enable","GCP_CIS12_1_2": "enable","GCP_CIS12_1_3": "enable","GCP_CIS12_1_4": "enable","GCP_CIS12_1_5": "enable","GCP_CIS12_1_6": "enable","GCP_CIS12_1_7": "enable","GCP_CIS12_1_8": "enable","GCP_CIS12_1_9": "enable","GCP_CIS12_1_10": "enable","GCP_CIS12_1_11": "enable","GCP_CIS12_1_12": "enable","GCP_CIS12_1_13": "enable","GCP_CIS12_1_14": "enable","GCP_CIS12_1_15": "enable","GCP_CIS12_2_1": "enable","GCP_CIS12_2_2": "enable","GCP_CIS12_2_3": "enable","GCP_CIS12_2_4": "enable","GCP_CIS12_2_5": "enable","GCP_CIS12_2_6": "enable","GCP_CIS12_2_7": "enable","GCP_CIS12_2_8": "enable","GCP_CIS12_2_9": "enable","GCP_CIS12_2_10": "enable","GCP_CIS12_2_11": "enable","GCP_CIS12_2_12": "enable","GCP_CIS12_3_1": "enable","GCP_CIS12_3_2": "enable","GCP_CIS12_3_3": "enable","GCP_CIS12_3_4": "enable","GCP_CIS12_3_5": "enable","GCP_CIS12_3_6": "enable","GCP_CIS12_3_7": "enable","GCP_CIS12_3_8": "enable","GCP_CIS12_3_9": "enable","GCP_CIS12_3_10": "enable","GCP_CIS12_4_1": "enable","GCP_CIS12_4_2": "enable","GCP_CIS12_4_3": "enable","GCP_CIS12_4_4": "enable","GCP_CIS12_4_5": "enable","GCP_CIS12_4_6": "enable","GCP_CIS12_4_7": "enable","GCP_CIS12_4_8": "enable","GCP_CIS12_4_9": "enable","GCP_CIS12_4_10": "enable","GCP_CIS12_4_11": "enable","GCP_CIS12_5_1": "enable","GCP_CIS12_5_2": "enable","GCP_CIS12_6_1_1": "enable","GCP_CIS12_6_1_2": "enable","GCP_CIS12_6_1_3": "enable","GCP_CIS12_6_2_1": "enable","GCP_CIS12_6_2_2": "enable","GCP_CIS12_6_2_3": "enable","GCP_CIS12_6_2_4": "enable","GCP_CIS12_6_2_5": "enable","GCP_CIS12_6_2_6": "enable","GCP_CIS12_6_2_7": "enable","GCP_CIS12_6_2_8": "enable","GCP_CIS12_6_2_9": "enable","GCP_CIS12_6_2_10": "enable","GCP_CIS12_6_2_11": "enable","GCP_CIS12_6_2_12": "enable","GCP_CIS12_6_2_13": "enable","GCP_CIS12_6_2_14": "enable","GCP_CIS12_6_2_15": "enable","GCP_CIS12_6_2_16": "enable","GCP_CIS12_6_3_1": "enable","GCP_CIS12_6_3_2": "enable","GCP_CIS12_6_3_3": "enable","GCP_CIS12_6_3_4": "enable","GCP_CIS12_6_3_5": "enable","GCP_CIS12_6_3_6": "enable","GCP_CIS12_6_3_7": "enable","GCP_CIS12_6_4": "enable","GCP_CIS12_6_5": "enable","GCP_CIS12_6_6": "enable","GCP_CIS12_6_7": "enable","GCP_CIS12_7_1": "enable","GCP_CIS12_7_2": "enable","GCP_CIS12_7_3": "enable","GCP_K8S_1_1": "enable","GCP_K8S_1_2": "enable","GCP_K8S_1_3": "enable","GCP_K8S_1_4": "enable","GCP_K8S_1_5": "enable","GCP_K8S_1_6": "enable","GCP_K8S_1_7": "enable","GCP_K8S_1_8": "enable","GCP_K8S_1_9": "enable","GCP_K8S_1_10": "enable","GCP_K8S_1_11": "enable","GCP_K8S_1_12": "enable","GCP_K8S_1_13": "enable","GCP_K8S_1_14": "enable","GCP_K8S_1_15": "enable","GCP_K8S_1_16": "enable","GCP_K8S_1_17": "enable","GCP_K8S_1_18": "enable"}'
case $1 in
"disable_cis_10")
#Disable GCP CIS 1.0 checks
curl -X PATCH -H 'Content-Type: application/json' -H 'Authorization: Bearer '$(lacework access-token) -d ${disable_cis_10} https://${lacework_tenant}.lacework.net/api/v1/external/recommendations/gcp
;;
"disable_cis_12")
#Disable GCP CIS 1.2 checks
curl -X PATCH -H 'Content-Type: application/json' -H 'Authorization: Bearer '$(lacework access-token) -d ${disable_cis_12} https://${lacework_tenant}.lacework.net/api/v1/external/recommendations/gcp
;;
"enable_cis_12")
#Enable GCP CIS 1.2 checks
curl -X PATCH -H 'Content-Type: application/json' -H 'Authorization: Bearer '$(lacework access-token) -d ${enable_cis_12} https://${lacework_tenant}.lacework.net/api/v1/external/recommendations/gcp
;;
*)
echo "Syntax: gcp-cis-config.sh [disable_cis_10|disable_cis_12|enable_cis_12] [lacework-tenant]"
esac