This repository has been archived on 2025-05-02. You can view files and clone it. You cannot open issues or pull requests or push a commit.

route53-compare

AWS Route53 Asset Inventory Script

This Bash script helps you identify which assets in your AWS Route53 hosted zones are also tracked in JupiterOne. It does this by:

  1. Fetching all your Route53 hosted zones.

  2. Retrieving DNS records (A and CNAME) from each zone.

  3. Reaching out to JupiterOne's API to check if an asset exists with the DNS record's value.

  4. Printing out the results, indicating if the asset was found in JupiterOne or not.
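Steps 2 to 4 as an added example (not the repository's dangle.sh): it shows the comparison pitfalls the list does not mention, namely Route53's trailing dot and mixed case on CNAME targets, and alias records that carry no value. The AWS CLI query in the comment, the `classify_records`, `normalize` and `demo` names, and the local inventory file standing in for the JupiterOne lookup are all assumptions.

```shell
#!/bin/sh
# Added example, not the repository's script.
# Assumed input: tab-separated NAME, TYPE, VALUE lines, e.g. from
#   aws route53 list-resource-record-sets --hosted-zone-id "$ZONE_ID" \
#     --query "ResourceRecordSets[?Type=='A' || Type=='CNAME'].[Name,Type,ResourceRecords[0].Value]" \
#     --output text
# Alias records have no ResourceRecords, so the CLI prints "None" as VALUE.
# Only the first value of a multi-value record is kept by this query.

# Lowercase a value and strip the trailing dot Route53 keeps on FQDNs.
normalize() {
  printf '%s' "$1" | tr '[:upper:]' '[:lower:]' | sed 's/\.$//'
}

# classify_records RECORDS_FILE INVENTORY_FILE
# INVENTORY_FILE (hypothetical) lists one known asset address or hostname per
# line; it stands in for the per-value answer from the JupiterOne API.
classify_records() (
  tab=$(printf '\t')
  while IFS="$tab" read -r name type value; do
    [ -n "$name" ] || continue
    case "$type" in A|CNAME) ;; *) continue ;; esac
    if [ -z "$value" ] || [ "$value" = "None" ]; then
      printf 'SKIPPED_ALIAS\t%s\t%s\n' "$name" "$type"
      continue
    fi
    key=$(normalize "$value")
    if tr '[:upper:]' '[:lower:]' < "$2" | sed 's/\.$//' | grep -Fxq -- "$key"; then
      printf 'FOUND\t%s\t%s\t%s\n' "$name" "$type" "$key"
    else
      printf 'NOT_FOUND\t%s\t%s\t%s\n' "$name" "$type" "$key"
    fi
  done < "$1"
)

# Constructed sample data (documentation addresses and example domains).
demo() (
  dir=$(mktemp -d) || exit 1
  {
    printf 'www.example.com.\tA\t192.0.2.10\n'
    printf 'old.example.com.\tCNAME\tRetired-App.example.net.\n'
    printf 'cdn.example.com.\tA\tNone\n'
    printf 'api.example.com.\tCNAME\tlb.example.net.\n'
  } > "$dir/records.tsv"
  printf '192.0.2.10\nLB.example.net\n' > "$dir/inventory.txt"
  classify_records "$dir/records.tsv" "$dir/inventory.txt"; rc=$?
  rm -rf "$dir"
  exit "$rc"
)

demo
```

A `NOT_FOUND` line is a record whose target is absent from the inventory and is the one to review as a possibly dangling entry; `SKIPPED_ALIAS` records need their alias target resolved separately.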

Prerequisites

  • AWS CLI: You need to have the AWS CLI installed and configured with the necessary credentials.

  • JupiterOne API Key: You'll need an API key from JupiterOne to access their GraphQL API.

Setup

Create a .env file: In the same directory as the script, create a file named .env with the following content:

AWS_PROFILE=your_aws_profile_name
J1_API_KEY=your_jupiterone_api_key
J1_ACCOUNT=your_jupiterone_account_id

Replace the placeholders with your actual AWS profile name, JupiterOne API key, and JupiterOne account ID.

Usage

  1. Make the script executable:
chmod +x dangle.sh
  2. Run the script:
./dangle.sh
    or
bash dangle.sh

The script will output the DNS records and whether or not a corresponding asset was found in JupiterOne.

To-Do

  • Error Handling: The script includes basic error handling for the .env file. We should make error handling more robust for AWS CLI and JupiterOne API calls.

  • Additional Record Types: Currently the script only handles A and CNAME records. We should extend it to support other record types like MX, TXT, etc.

  • JupiterOne Query: The JupiterOne query is currently VERY simple. We might want to refine it.
