Last active
October 14, 2024 20:28
You enter the AWS Route 53 domain name or Hosted Zone ID, and the script checks whether the zone has entries pointing to an S3 bucket, whether that S3 bucket exists, and whether web hosting is turned on for it. #Utility #AWS #Public #S3 #Route_53
# rt53_webhosted_s3_bucket_check.ps1
<#
Description: You enter the AWS Route 53 domain name or Hosted Zone ID, and the script checks whether the zone has entries pointing to an S3 bucket, whether that S3 bucket exists, and whether web hosting is turned on for it.
Written: Ed Walsh
PowerShell.Core tested: Yes
MS-Graph: No
Version: 1.1.1
Create Date: 10/14/2024
Revised Date: 10/14/2024
#>
| # Load AWS Tools for PowerShell module | |
| Import-Module AWSPowerShell | |
# Function to check if an S3 bucket exists
function Check-S3Bucket {
    <#
    .SYNOPSIS
    Reports whether Test-S3Bucket finds a bucket with the given name.

    .PARAMETER BucketName
    Name of the S3 bucket to look up.

    .OUTPUTS
    Whatever Test-S3Bucket returns for that name; callers treat it as a boolean.
    #>
    param (
        [string]$BucketName
    )

    # NOTE(review): a true result presumably only shows that a bucket with this
    # name exists, not that the calling account owns it - confirm. For a
    # dangling-DNS audit, ownership is the property that matters; comparing the
    # name against the account's own bucket list (Get-S3Bucket) would settle it.
    $bucketFound = Test-S3Bucket -BucketName $BucketName
    return $bucketFound
}
# Function to check if an S3 bucket has static website hosting enabled
function Check-S3BucketStaticWebsite {
    <#
    .SYNOPSIS
    Reports whether a bucket's website configuration has any populated field.

    .PARAMETER BucketName
    Name of the S3 bucket whose website configuration is read.

    .OUTPUTS
    The string "Yes" when at least one of ErrorDocument, IndexDocumentSuffix,
    RedirectAllRequestsTo or RoutingRules is populated, otherwise "No".
    #>
    param (
        [string]$BucketName
    )

    $siteSettings = Get-S3BucketWebsite -BucketName $BucketName

    # .Count is 0 for a missing value, so an empty or absent configuration
    # adds up to zero.
    # NOTE(review): a failed lookup (missing bucket, access denied) presumably
    # also ends up here as "No" - confirm, because "No" then means "could not
    # read", not "hosting is off".
    $errorDocCount  = $siteSettings.ErrorDocument.Count
    $indexDocCount  = $siteSettings.IndexDocumentSuffix.Count
    $redirectCount  = $siteSettings.RedirectAllRequestsTo.Count
    $routingCount   = $siteSettings.RoutingRules.Count
    $populatedTotal = $errorDocCount + $indexDocCount + $redirectCount + $routingCount

    if ($populatedTotal -gt 0) {
        return "Yes"
    }
    return "No"
}
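# Ask user for domain or Hosted Zone ID
$hostedZoneInput = ([string](Read-Host "Enter the domain name or Hosted Zone ID")).Trim()

# Route 53 reports zone IDs as "/hostedzone/<ID>" and zone names with a trailing
# dot. Normalise the input so a bare ID, a prefixed ID, and a name typed with or
# without the final dot all match.
$zoneIdWanted = $hostedZoneInput -replace '^/hostedzone/', ''
$zoneNameWanted = $hostedZoneInput.TrimEnd('.') + '.'

# Retrieve hosted zones and find the specified one
# NOTE(review): the zone listing may itself be paged on accounts with many
# zones - confirm for the module version in use.
$hostedZones = Get-R53HostedZonesByName
$matchedZones = @($hostedZones | Where-Object {
    ($_.Id -replace '^/hostedzone/', '') -eq $zoneIdWanted -or $_.Name -eq $zoneNameWanted
})

if ($matchedZones.Count -eq 0) {
    Write-Host "Hosted Zone not found."
    exit
}

# A public and a private zone can share one name; auditing an arbitrary one of
# them would silently skip the other, so ask for an unambiguous ID instead.
if ($matchedZones.Count -gt 1) {
    Write-Host "More than one hosted zone matches '$hostedZoneInput'. Re-run with one of these Hosted Zone IDs:"
    foreach ($zone in $matchedZones) {
        Write-Host "  $($zone.Id)  $($zone.Name)"
    }
    exit
}

$hostedZone = $matchedZones[0]
$domainname = $hostedZone.Name.TrimEnd('.')

# Get resource record sets for the hosted zone.
# The listing is returned in pages; follow the continuation markers so records
# beyond the first page are audited too. Taking the last response of each call
# keeps this correct if the module already iterates pages on its own.
$recordSets = @()
$query = @{ HostedZoneId = $hostedZone.Id }
while ($true) {
    $batch = @(Get-R53ResourceRecordSet @query)
    if ($batch.Count -eq 0) { break }

    $recordSets += $batch.ResourceRecordSets

    $tail = $batch[-1]
    if (-not $tail.IsTruncated) { break }

    $query = @{
        HostedZoneId    = $hostedZone.Id
        StartRecordName = $tail.NextRecordName
        StartRecordType = $tail.NextRecordType
    }
    if ($tail.NextRecordIdentifier) {
        $query.StartRecordIdentifier = $tail.NextRecordIdentifier
    }
}

# Prepare output data
$outputData = @()

# Get AWS Account ID
$accountId = (Get-STSCallerIdentity).Account

# Output header row for screen
$headerRow = "DateTime, AWSAccountID, HostedZoneID, DomainName, S3BucketName, BucketExists, StaticWebsiteEnabled, Cloudfront"
Write-Host $headerRow

# Check each record set for S3 bucket entries.
# Only alias records are examined; plain CNAME records whose value is an S3
# website endpoint are not covered by this check.
foreach ($record in $recordSets) {
    $isCandidateType = ($record.Type -eq "CNAME" -or $record.Type -eq "A")
    if (-not ($isCandidateType -and $record.AliasTarget)) { continue }

    $aliasName = $record.AliasTarget.DNSName

    # S3 website endpoints come in two spellings, "s3-website-<region>" and
    # "s3-website.<region>"; matching only the dashed form misses the regions
    # that use the dotted one.
    $isS3Website = ($aliasName -like "s3-website-*" -or $aliasName -like "s3-website.*")
    $isCloudFront = ($aliasName -like "*.cloudfront.net.")
    if (-not ($isS3Website -or $isCloudFront)) { continue }

    # An alias to an S3 website endpoint requires the bucket to carry the record
    # name, so a "No" under BucketExists marks a dangling record that should be
    # removed or backed by a bucket this account owns. For CloudFront aliases the
    # origin bucket can have any name, so the same "No" is only a hint.
    $bucketName = $record.Name.TrimEnd('.')
    $bucketExists = Check-S3Bucket -BucketName $bucketName

    # Skip the website lookup for a bucket that was not found; the call would
    # only fail, and the answer is "No" either way.
    $staticWebsiteEnabled = "No"
    if ($bucketExists) {
        $staticWebsiteEnabled = Check-S3BucketStaticWebsite -BucketName $bucketName
    }

    # Create output object for records with S3 buckets
    $outputEntry = [PSCustomObject]@{
        DateTime             = (Get-Date).ToString("yyyy-MM-dd HH:mm:ss")
        AWSAccountID         = $accountId
        HostedZoneID         = $hostedZone.Id
        DomainName           = $domainname
        S3BucketName         = $bucketName
        BucketExists         = if ($bucketExists) { "Yes" } else { "No" }
        StaticWebsiteEnabled = if ($staticWebsiteEnabled -eq "Yes") { "Yes" } else { "No" }
        CloudFront           = if ($isCloudFront) { "Yes" } else { "No" }
    }

    # Add entry to output data array
    $outputData += $outputEntry

    # Always output to screen
    Write-Host "$($outputEntry.DateTime), $($outputEntry.AWSAccountID), $($outputEntry.HostedZoneID), $($outputEntry.DomainName), $($outputEntry.S3BucketName), $($outputEntry.BucketExists), $($outputEntry.StaticWebsiteEnabled), $($outputEntry.CloudFront)"
}

# Check if any records were found and display appropriate message
if ($outputData.Count -eq 0) {
    Write-Host "No records found."
} else {
    # Ask user if they want to save output to CSV with a y/n question only if there are records to save
    $saveToCsv = Read-Host "Do you want to save the output to a CSV file? (y/n)"

    if ($saveToCsv -eq "y") {
        # Generate timestamp for file name
        $timestamp = (Get-Date).ToString("yyyyMMddHHmmss")

        # Get user's home directory correctly using UserProfile
        $homeFolder = [Environment]::GetFolderPath([Environment+SpecialFolder]::UserProfile)

        # Create CSV file path with timestamp
        $csvFilePath = Join-Path -Path $homeFolder -ChildPath "S3BucketCheck_$domainname-$timestamp.csv"

        # Export-Csv writes the header from the property names and quotes every
        # value, so column names carry no stray leading spaces and rows stay
        # aligned with the header.
        $outputData | Export-Csv -Path $csvFilePath -NoTypeInformation

        Write-Host "Output saved to CSV file at: $csvFilePath"
    } else {
        Write-Host "Output not saved to CSV file."
    }
}
# end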