#!/bin/bash
#
# This script attempts quickly enumerate some of the exposed resources
# available given a set of AWS credentials.
# Based on excellent work of Scott Piper:
#	https://duo.com/blog/beyond-s3-exposed-resources-on-aws
#

if [ $# -lt 1 ]; then
	echo "Usage: ./find-exposed-resources.sh <profile-name> [region]"
	echo ""
	echo "If region is not specified, will enumerate all regions."
	exit 1
fi

PROFILE=$1
REGION=

if [[ "$2" != "" ]]; then
	REGION="$2"
fi

trap ctrl_c INT

function ctrl_c() {
	echo "[!] User interrupted script execution."
	exit 1
}

function _aws() {
	if [[ "$REGION" != "" ]]; then 
		#echo "aws --region $REGION --profile $PROFILE $@ --no-paginate"
		aws --region $REGION --profile $PROFILE $@ --no-paginate
	else
		#echo "aws --profile $PROFILE $@ --no-paginate"
		aws --profile $PROFILE $@ --no-paginate
	fi
}

function ebs_snapshots() {
	out=$(_aws ec2 describe-snapshots --owner-id self --restorable-by-user-ids all)
	if ! echo "$out" | grep -q '": \[\]'; then
		echo "---[ Public EBS Snapshots"
		echo "$out"
		echo
	fi
}

function rds_snapshots() {
	out=$(_aws rds describe-db-snapshots --snapshot-type public)
	if ! echo "$out" | grep -q '": \[\]'; then
		echo "---[ Public RDS Snapshots"
		echo "$out"
		echo
	fi
}

function ami_images() {
	out=$(_aws ec2 describe-images --owners self --executable-users all)
	if ! echo "$out" | grep -q '": \[\]'; then
		echo "---[ Public AMI Images"
		echo "$out"
		echo
	fi
}

function s3_buckets() {
	echo "---[ Public S3 Buckets"
	for bucket in $(_aws s3api list-buckets --query 'Buckets[*].Name' --output text)
	do 
		pub=$(_aws s3api get-bucket-policy-status --bucket $bucket --query 'PolicyStatus.IsPublic' 2> /dev/null || echo 'false')
		echo -n "IsPublic:"
		if [[ "$pub" == "true" ]]; then 
			echo -en "\e[91m"
		else 
			echo -en "\e[34m"
		fi
		echo -e "$pub\e[39m - Bucket: \e[93m$bucket\e[39m"
	done
	echo
}

regions=$(aws ec2 describe-regions --query 'Regions[*].RegionName' --output text)

if [[ "$REGION" == "" ]]; then
	for region in ${regions[@]}
	do
		REGION="$region"
		echo "=================== Region: $region ======================"
		echo
		ebs_snapshots
		rds_snapshots
		ami_images
	done
	echo
else
	echo "=================== Region: $REGION ======================"
	echo
	ebs_snapshots
	rds_snapshots
	ami_images
	echo
fi

s3_buckets