Skip to content

Commit 8afeba7

Browse files
christophetdchristophetd
committed
Add CLI docs
1 parent 49e9478 commit 8afeba7

File tree

3 files changed

+14
-14
lines changed

3 files changed

+14
-14
lines changed

cmd/grimoire/lookup_flags.go

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -15,12 +15,12 @@ var extendSearchWindow time.Duration
1515

1616
// CLI flags shared between 'shell' and 'stratus-red-team' commands
1717
func initLookupFlags(cmd *cobra.Command) {
18-
cmd.Flags().DurationVarP(&timeout, "timeout", "", 15*time.Minute, "TODO")
19-
cmd.Flags().DurationVarP(&lookupInterval, "interval", "", 5*time.Second, "TODO")
20-
cmd.Flags().DurationVarP(&extendSearchWindow, "extend-search-window", "", 0, "TODO")
21-
cmd.Flags().IntVarP(&maxEvents, "max-events", "", 0, "TODO")
22-
cmd.Flags().BoolVarP(&writeEventsOnly, "only-write-events", "", false, "TODO")
18+
cmd.Flags().DurationVarP(&timeout, "timeout", "", 15*time.Minute, "Maximum time to wait for events to appear in CloudTrail logs")
19+
cmd.Flags().DurationVarP(&lookupInterval, "interval", "", 5*time.Second, "Interval to check for new events. You might need to increase this if you're hitting AWS API rate limits")
20+
cmd.Flags().DurationVarP(&extendSearchWindow, "extend-search-window", "", 0, "Extend the end of the search window by this amount of time")
21+
cmd.Flags().IntVarP(&maxEvents, "max-events", "", 0, "Maximum number of events to retrieve before exiting")
22+
cmd.Flags().BoolVarP(&writeEventsOnly, "only-write-events", "", false, "Only consider write events and ignore read-only ones")
2323

24-
cmd.Flags().StringSliceVarP(&includeEvents, "include-events", "", []string{}, "TODO")
25-
cmd.Flags().StringSliceVarP(&excludeEvents, "exclude-events", "", []string{}, "TODO")
24+
cmd.Flags().StringSliceVarP(&includeEvents, "include-events", "", []string{}, "Only consider specific CloudTrail events. Comma-separated and using the format 'service:Operation' (e.g. 's3:PutObject')")
25+
cmd.Flags().StringSliceVarP(&excludeEvents, "exclude-events", "", []string{}, "Exclude specific CloudTrail events. Comma-separated and using the format 'service:Operation' (e.g. 's3:PutObject')")
2626
}

cmd/grimoire/shell.go

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -34,7 +34,7 @@ func NewShellCommand() *cobra.Command {
3434
shellCmd := &cobra.Command{
3535
Use: "shell",
3636
SilenceUsage: true,
37-
Example: "TODO",
37+
Example: "Run an interactive shell. Grimoire will inject a unique identifier to your HTTP user agent when using the AWS CLI.",
3838
RunE: func(cmd *cobra.Command, args []string) error {
3939
command := ShellCommand{
4040
OutputFile: outputFile,
@@ -49,9 +49,9 @@ func NewShellCommand() *cobra.Command {
4949
}
5050

5151
initLookupFlags(shellCmd)
52-
shellCmd.Flags().StringVarP(&outputFile, "output", "o", "", "TODO")
53-
shellCmd.Flags().StringVarP(&commandToRun, "command", "c", "", "TODO")
54-
shellCmd.Flags().StringVarP(&scriptToRun, "script", "", "", "TODO")
52+
shellCmd.Flags().StringVarP(&outputFile, "output", "o", "", "Output file to write CloudTrail events to. Grimoire will overwrite the file if it exists, and create otherwise.")
53+
shellCmd.Flags().StringVarP(&commandToRun, "command", "c", "", "Command to execute in the shell (instead of running an interactive shell)")
54+
shellCmd.Flags().StringVarP(&scriptToRun, "script", "", "", "Path to a script to execute in the shell (instead of running an interactive shell)")
5555

5656
return shellCmd
5757
}

cmd/grimoire/stratus-red-team.go

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,7 @@ func NewStratusRedTeamCommand() *cobra.Command {
3939
stratusRedTeamCommand := &cobra.Command{
4040
Use: "stratus-red-team",
4141
SilenceUsage: true,
42-
Example: "TODO",
42+
Example: "Detonate a Stratus Red Team attack technique",
4343
RunE: func(cmd *cobra.Command, args []string) error {
4444
if stratusRedTeamAttackTechnique == "" {
4545
return errors.New("missing Stratus Red Team attack technique")
@@ -56,8 +56,8 @@ func NewStratusRedTeamCommand() *cobra.Command {
5656
},
5757
}
5858

59-
stratusRedTeamCommand.Flags().StringVarP(&stratusRedTeamAttackTechnique, "attack-technique", "", "", "TODO")
60-
stratusRedTeamCommand.Flags().StringVarP(&outputFile, "output", "o", "", "TODO")
59+
stratusRedTeamCommand.Flags().StringVarP(&stratusRedTeamAttackTechnique, "attack-technique", "", "", "Stratus Red Team attack technique to detonate. Use 'stratus list' to list available attack techniques or browse https://stratus-red-team.cloud/attack-techniques/list/.")
60+
stratusRedTeamCommand.Flags().StringVarP(&outputFile, "output", "o", "", "Output file to write CloudTrail events to. Grimoire will overwrite the file if it exists, and create otherwise.")
6161
initLookupFlags(stratusRedTeamCommand)
6262

6363
return stratusRedTeamCommand

0 commit comments

Comments
 (0)