-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathhow to run.txt
More file actions
114 lines (90 loc) · 3.74 KB
/
how to run.txt
File metadata and controls
114 lines (90 loc) · 3.74 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
# ============================================================
# 🌩️ MULTI-CLOUD CSPM DASHBOARD — FULL SETUP & EXECUTION GUIDE
# ============================================================
# Works for Azure, AWS, GCP, and OCI on Windows (PowerShell)
# ============================================================
# ---- 1️⃣ Navigate to Project Directory ----
cd "C:\Users\arinv\Downloads\My Projects\cspm_project"
# ---- 2️⃣ Allow Script Execution for This Session ----
Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass
# ---- 3️⃣ Create and Activate Python Virtual Environment ----
python -m venv .venv
.\.venv\Scripts\Activate.ps1
# ---- 4️⃣ Install Dependencies ----
pip install -r requirements.txt
# ---- 5️⃣ Install Cloud CLIs (Run only once per provider) ----
# Azure CLI
# https://aka.ms/installazurecliwindows
# AWS CLI
# https://awscli.amazonaws.com/AWSCLIV2.msi
# GCP CLI
# https://cloud.google.com/sdk/docs/install
# OCI CLI
# https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#Quickstart
# ---- 6️⃣ Authenticate to Your Cloud Account ----
# ---- For Azure ----
az login
az account show
# (You should see your Azure for Students subscription JSON output)
# ---- For AWS ----
# aws configure
# Enter Access Key, Secret Key, Region, Output=json
# aws sts get-caller-identity
# ---- For GCP ----
# gcloud init
# gcloud config list account
# ---- For OCI ----
# oci setup config
# oci os ns get
# ---- 7️⃣ Run Your Flask App ----
python app.py
# You’ll see:
# * Running on http://127.0.0.1:5000
# * Debugger active
# ---- 8️⃣ Open in Browser ----
# Navigate to:
# http://127.0.0.1:5000
# Then click “Detect Cloud” → it will detect whichever cloud CLI is logged in.
# ✅ Example Outputs:
# Azure -> "Detected Cloud: AZURE"
# AWS -> "Detected Cloud: AWS"
# GCP -> "Detected Cloud: GCP"
# OCI -> "Detected Cloud: OCI"
# Unknown-> "No supported cloud detected."
# ---- 9️⃣ Run Security Audit and Fix Misconfigurations ----
# From the UI:
# Click “Run Audit” → executes scripts/{cloud}_*.sh
# Click “Apply Fixes” → automatically repairs misconfigs
# Reports are saved in:
# reports/security_audit_report.json
# ---- 🔍 Optional: Create Sample Misconfigurations for Testing ----
# --- Azure ---
# az storage account create -n insecurestorage$RANDOM -g MyResourceGroup --allow-blob-public-access true
# az network nsg rule create -g MyResourceGroup --nsg-name defaultNSG --name openAll --priority 100 --access Allow --direction Inbound --protocol "*" --source-address-prefixes "*" --destination-port-ranges "*"
# --- AWS ---
# aws s3api create-bucket --bucket mypublicbucket123 --region us-east-1
# aws s3api put-bucket-acl --bucket mypublicbucket123 --acl public-read
# --- GCP ---
# gsutil mb gs://public-test-bucket-$RANDOM
# gsutil iam ch allUsers:objectViewer gs://public-test-bucket-$RANDOM
# --- OCI ---
# oci os bucket create --name public-bucket-$RANDOM --public-access-type ObjectRead
# ---- 🔧 Run Audit Again to See Detected Misconfigs ----
# Then click “Apply Fixes” to automatically repair them.
# ---- 🔎 View Report ----
# Click “View Report” in the dashboard, or manually open:
# reports/security_audit_report.json
# ---- 🧱 Stop Flask ----
# Ctrl + C
# ---- 🚪 Deactivate Virtual Environment ----
deactivate
# ============================================================
# ✅ SUMMARY
# ------------------------------------------------------------
# This setup:
# - Detects which cloud (Azure, AWS, GCP, OCI) is active
# - Audits security misconfigurations using scripts/
# - Applies fixes automatically
# - Generates a detailed JSON report
# - Works cross-platform (Windows/Linux)
# ============================================================