diff --git a/lw_gcp_inventory.sh b/lw_gcp_inventory.sh index 85fc64c..dc52457 100755 --- a/lw_gcp_inventory.sh +++ b/lw_gcp_inventory.sh @@ -7,6 +7,7 @@ # Set the initial counts to zero. GCE_INSTANCES=0 GKE_INSTANCES=0 +GAE_INSTANCES=0 SQL_INSTANCES=0 LOAD_BALANCERS=0 GATEWAYS=0 @@ -23,11 +24,20 @@ function isComputeEnabled { gcloud services list --format json | jq -r '.[] | .name' | grep -q "compute.googleapis.com" } -# NOTE - it is technically possible to have a CloudSQL instance without the -# sqladmin API enabled; but you cannot check the instance programatically +function isAppEngineEnabled { + if [ `gcloud app operations list --format json | jq length` -gt 0 ] + then + return 0 + else + return 1 + fi +} + +# NOTE - it is technically possible to have a CloudSQL instance without the +# sqladmin API enabled; but you cannot check the instance programatically # without the API enabled function isCloudSQLEnabled { - gcloud services list --format json | jq -r '.[] | .name' | grep -q "sqladmin.googleapis.com" + gcloud services list --format json | jq -r '.[] | .name' | grep -q "sqladmin.googleapis.com" } function getGKEInstances { @@ -38,6 +48,10 @@ function getGCEInstances { gcloud compute instances list --format json | jq '[.[] | select(.name | contains("gke-") | not)] | length' } +function getGAEInstances { + gcloud app instances list --format json | jq length +} + function getSQLInstances { gcloud sql instances list --format json | jq length } @@ -82,6 +96,13 @@ for project in ${PROJECT_IDS[@]}; do GATEWAYS=$(($GATEWAYS + $gateways)) fi + # Check if AppEngine is being used + if isAppEngineEnabled; then + echo "Checking for AppEngine instances." + gae_inst=$(getGAEInstances) + GAE_INSTANCES=$(($GAE_INSTANCES + $gae_inst)) + fi + # Check for SQL instances if isCloudSQLEnabled; then echo "Checking for Cloud SQL instances." @@ -90,13 +111,15 @@ for project in ${PROJECT_IDS[@]}; do fi done +echo "" echo "######################################################################" echo "Lacework inventory collection complete." echo "" echo "GCE Instances: $GCE_INSTANCES" echo "GKE Instances: $GKE_INSTANCES" +echo "GAE Instances: $GAE_INSTANCES" echo "Load Balancers: $LOAD_BALANCERS" echo "Gateways: $GATEWAYS" echo "SQL Instances: $SQL_INSTANCES" echo "====================" -echo "Total Resources: $(($GCE_INSTANCES + $GKE_INSTANCES + $LOAD_BALANCERS + $GATEWAYS + $SQL_INSTANCES))" +echo "Total Resources: $(($GCE_INSTANCES + $GKE_INSTANCES + $GAE_INSTANCES + $LOAD_BALANCERS + $GATEWAYS + $SQL_INSTANCES))"