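#!/bin/bash
#
# Audit Route 53 A/CNAME records against JupiterOne: for every record value in
# every hosted zone, ask JupiterOne whether a matching asset exists and print
# one line per value. A value with no matching asset is a candidate for a stale
# or unowned DNS entry that needs follow-up.
#
# Required in .env: J1_API_KEY, J1_ACCOUNT. Optional: AWS_PROFILE.
#
# The original was collapsed onto the shebang line, so none of it executed;
# this version restores the line structure.

set -euo pipefail

# Load environment variables from .env file.
# NOTE: 'source' executes .env as shell code, so the file must be writable only
# by the operator. The explicit ./ matters: a bare 'source .env' searches PATH
# before the current directory.
if [[ -f ./.env ]]; then
  # shellcheck disable=SC1091
  source ./.env
else
  echo "Error: .env file not found. create one with your API keys." >&2
  exit 1
fi

# J1 API configuration (read from .env); abort early if either is missing so
# no unauthenticated or mis-addressed request is ever sent.
: "${J1_API_KEY:?J1_API_KEY must be set in .env}"
: "${J1_ACCOUNT:?J1_ACCOUNT must be set in .env}"

# AWS CLI configuration: pass --profile only when one is configured, so an
# empty AWS_PROFILE does not swallow the next option as its argument.
aws_args=()
if [[ -n "${AWS_PROFILE:-}" ]]; then
  aws_args+=(--profile "$AWS_PROFILE")
fi

# Get all hosted zone ids. --query pins the output to the Id column; plain
# text output is positional and therefore fragile to parse with cut.
zones_raw=$(aws route53 list-hosted-zones "${aws_args[@]}" \
  --query 'HostedZones[].Id' --output text)
zone_ids=()
# read -d '' returns non-zero at end of input; that is expected here.
read -r -d '' -a zone_ids <<< "$zones_raw" || true

for zone_id in "${zone_ids[@]}"; do
  # One row per A/CNAME record set: name <TAB> type <TAB> space-joined values.
  # Record sets without ResourceRecords (e.g. alias records) are skipped.
  if ! record_sets=$(aws route53 list-resource-record-sets \
    --hosted-zone-id "$zone_id" "${aws_args[@]}" \
    --query "ResourceRecordSets[?(Type=='A' || Type=='CNAME') && ResourceRecords].[Name, Type, join(' ', ResourceRecords[].Value)]" \
    --output text); then
    printf 'Warning: could not list record sets for zone %s\n' "$zone_id" >&2
    continue
  fi

  # Split on tabs only. The original ran 'echo $line | cut -f N', which
  # collapses tabs to spaces before cut sees them, so every field came back
  # as the whole line.
  while IFS=$'\t' read -r name type values; do
    [[ -n "$name" && -n "$values" ]] || continue

    value_list=()
    read -r -a value_list <<< "$values"

    for value in "${value_list[@]}"; do
      # The value is interpolated into a query string and a JSON body, so it
      # is restricted to hostname/IP characters. Anything else is reported and
      # skipped rather than sent, which rules out quote or backslash injection.
      if [[ ! "$value" =~ ^[A-Za-z0-9._:-]+$ ]]; then
        printf 'Warning: skipping %s (%s): unexpected characters in value\n' \
          "$name" "$type" >&2
        continue
      fi

      # Query JupiterOne to check asset ownership.
      # (The original marks this part as still to be implemented against
      # JupiterOne's API; endpoint and query are kept as given.)
      j1_query="Find asset where properties.value = '$value'"
      printf -v payload '{"query": "%s"}' "$j1_query"

      # The Authorization header is fed through a file descriptor so the API
      # key never appears in curl's argv (visible to other users via ps).
      # --fail turns HTTP errors into a non-zero exit instead of a body that
      # would otherwise be read as a result.
      if ! j1_result=$(curl -sS --fail --max-time 30 \
        -H @<(printf 'Authorization: Bearer %s\n' "$J1_API_KEY") \
        -H 'Content-Type: application/json' \
        "https://api.us.jupiterone.io/graphql/$J1_ACCOUNT" \
        -d "$payload"); then
        j1_result=""
      fi

      # Three outcomes, not two: the original printed "Asset found" for any
      # response lacking "totalCount":0, including auth failures and network
      # errors, which hides exactly the records this audit exists to surface.
      if [[ $j1_result == *"\"totalCount\":0"* ]]; then
        echo "$name ($type) points to $value (Asset not found in JupiterOne)"
      elif [[ $j1_result == *"\"totalCount\":"* ]]; then
        echo "$name ($type) points to $value (Asset found in JupiterOne)"
      else
        echo "$name ($type) points to $value (JupiterOne lookup failed; ownership unknown)"
      fi
    done
  done <<< "$record_sets"
done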