alexvanin/test-helper
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
test-helper/acl-migrate/check-aws.sh

30 lines
3 KiB
Bash
Raw Normal View History

Initial commit
2024-07-16 17:47:56 +00:00
#!/bin/bash -x
source ./env
# check public read-write bucket with object inside
Use --no-verify-ssl flag for https connections to S3
2024-07-17 08:35:47 +00:00
aws s3api get-bucket-acl --no-verify-ssl --profile $S3PROF --bucket $S3PREFIX-public-rw --endpoint $S3ENDPOINT || exit 1
aws s3api get-object-acl --no-verify-ssl --profile $S3PROF --bucket $S3PREFIX-public-rw --endpoint $S3ENDPOINT --key $S3KEY || exit 1
aws s3api get-object --no-verify-ssl --profile $S3PROF --bucket $S3PREFIX-public-rw --endpoint $S3ENDPOINT --key $S3KEY out || exit 1 # allow owner to get object
aws s3api put-object --no-verify-ssl --profile $S3PROF --bucket $S3PREFIX-public-rw --endpoint $S3ENDPOINT --key $S3KEY-new --body $FILE || exit 1 # allow owner to put object
aws s3api get-object --no-verify-ssl --profile $S3PROFEXT --bucket $S3PREFIX-public-rw --endpoint $S3ENDPOINT --key $S3KEY out || exit 1 # allow others to get object
aws s3api put-object --no-verify-ssl --profile $S3PROFEXT --bucket $S3PREFIX-public-rw --endpoint $S3ENDPOINT --key $S3KEY-new --body $FILE || exit 1 # allow others to put object
Initial commit
2024-07-16 17:47:56 +00:00
# check public read bucket with object inside
Use --no-verify-ssl flag for https connections to S3
2024-07-17 08:35:47 +00:00
aws s3api get-bucket-acl --no-verify-ssl --profile $S3PROF --bucket $S3PREFIX-public-r --endpoint $S3ENDPOINT || exit 1
aws s3api get-object-acl --no-verify-ssl --profile $S3PROF --bucket $S3PREFIX-public-r --endpoint $S3ENDPOINT --key $S3KEY || exit 1
aws s3api get-object --no-verify-ssl --profile $S3PROF --bucket $S3PREFIX-public-r --endpoint $S3ENDPOINT --key $S3KEY out || exit 1 # allow owner to get object
aws s3api put-object --no-verify-ssl --profile $S3PROF --bucket $S3PREFIX-public-r --endpoint $S3ENDPOINT --key $S3KEY-new --body $FILE || exit 1 # allow owner to put object
aws s3api get-object --no-verify-ssl --profile $S3PROFEXT --bucket $S3PREFIX-public-r --endpoint $S3ENDPOINT --key $S3KEY out || exit 1 # allow others to get object
aws s3api put-object --no-verify-ssl --profile $S3PROFEXT --bucket $S3PREFIX-public-r --endpoint $S3ENDPOINT --key $S3KEY-new --body $FILE && exit 1 # deny others to put object
Initial commit
2024-07-16 17:47:56 +00:00
# check private read bucket with object inside
Use --no-verify-ssl flag for https connections to S3
2024-07-17 08:35:47 +00:00
aws s3api get-bucket-acl --no-verify-ssl --profile $S3PROF --bucket $S3PREFIX-private --endpoint $S3ENDPOINT || exit 1
aws s3api get-object-acl --no-verify-ssl --profile $S3PROF --bucket $S3PREFIX-private --endpoint $S3ENDPOINT --key $S3KEY || exit 1
aws s3api get-object --no-verify-ssl --profile $S3PROF --bucket $S3PREFIX-private --endpoint $S3ENDPOINT --key $S3KEY out || exit 1 # allow owner to get object
aws s3api put-object --no-verify-ssl --profile $S3PROF --bucket $S3PREFIX-private --endpoint $S3ENDPOINT --key $S3KEY-new --body $FILE || exit 1 # allow owner to put object
aws s3api get-object --no-verify-ssl --profile $S3PROFEXT --bucket $S3PREFIX-private --endpoint $S3ENDPOINT --key $S3KEY out && exit 1 # deny others to get object
aws s3api put-object --no-verify-ssl --profile $S3PROFEXT --bucket $S3PREFIX-private --endpoint $S3ENDPOINT --key $S3KEY-new --body $FILE && exit 1 # deny others to put object
Initial commit
2024-07-16 17:47:56 +00:00
rm out && exit 0
Reference in a new issue Copy permalink