From 92a16919c231b9dbe0131629a1630c838f353c2b Mon Sep 17 00:00:00 2001 From: Chris Carty Date: Thu, 23 Jul 2020 14:34:20 -0400 Subject: [PATCH] updated readme use var for bucketname --- README.md | 32 ++++++++++++++++++++++++++++---- 1 file changed, 28 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 6c049c3..f103049 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,14 @@ # GC Cloud Guardrails ## Source Links -[Cloud Foundation Scorcard](https://github.com/GoogleCloudPlatform/cloud-foundation-toolkit/blob/master/cli/docs/scorecard.mdhttps://github.com/GoogleCloudPlatform/cloud-foundation-toolkit/blob/master/cli/docs/scorecard.md) +[Government of Canada Guardrails](https://github.com/canada-ca/cloud-guardrails) [Cloud Inventory Assets](https://cloud.google.com/asset-inventory/docs/overviewhttps://cloud.google.com/asset-inventory/docs/overview) +[Open Policy Agent](https://www.openpolicyagent.org/) + +[conftest](https://www.conftest.dev/) + ## Permissions - Cloud Asset Viewer - Service Usage Consumer @@ -19,12 +23,13 @@ gcloud services enable cloudasset.googleapis.com 2. Create a storage bucket for storing the asset inventory output ``` -gsutil mb gs:// +export MY_BUCKET_NAME= +gsutil mb gs://$MY_BUCKET_NAME ``` 3. Run inventory report ``` -gcloud asset export ---output-path=gs:///resource_inventory.json \ +gcloud asset export --output-path=gs://$MY_BUCKET_NAME/resource_inventory.json \ --content-type=resource \ # content types can be the following: resource, iam-policy, access-policy, org-policy --project= \ # --folder or --organization can also be used ``` 
@@ -53,4 +58,23 @@ gsutil cp gs:///resource_inventory.json ./cai-dir This will format the output from the inventory dump and run the tests. Results will be placed in the report.txt folder in the current directory. -example output \ No newline at end of file +example output + +``` +./cai-dir/access_policy_inventory.json +-------------------------------------------------------------------------------- +PASS: 1/1 +WARN: 0/1 +FAIL: 0/1 + +./cai-dir/iam_inventory.json +-------------------------------------------------------------------------------- +PASS: 10/10 +WARN: 0/10 +FAIL: 0/10 + +./cai-dir/inventory.json +FAIL - //compute.googleapis.com/projects/gke-test-project/regions/asia-east2/subnetworks/default not located in Canada 'asia-east2' +FAIL - //compute.googleapis.com/projects/gke-test-project/regions/asia-south1/subnetworks/default not located in Canada 'asia-south1' +FAIL - //compute.googleapis.com/projects/gke-test-project/regions/asia-southeast1/subnetworks/default not located in Canada 'asia-southeast1' +``` \ No newline at end of file
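Review bot: In the first hunk (step 2), `export MY_BUCKET_NAME=` is added with no value or placeholder, so anyone copying the block verbatim runs `gsutil mb gs://` with an empty name. Show a placeholder value on the export line and quote the expansion in both commands, for example `gsutil mb "gs://${MY_BUCKET_NAME}"`. The bucket will hold the resource and IAM inventory, yet the `gsutil mb` line sets no `-l` location. Since this README is about checking that resources are located in Canada, the step should pin the bucket to a Canadian region. Two problems remain in the unchanged context. In step 3, `--content-type=resource \ # content types ...` puts a comment after the line-continuation backslash, which ends the command early when pasted, so the comments belong above the command. The Cloud Inventory Assets link still has its URL doubled inside the parentheses.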
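Review bot: In the second hunk, the third block of the added example output (`./cai-dir/inventory.json`) has no separator line and no PASS/WARN/FAIL totals, unlike the two blocks before it, so a reader cannot tell whether the sample is truncated. Include the complete block or mark the elision explicitly. The hunk header context `gsutil cp gs:///resource_inventory.json ./cai-dir` shows the copy step was not switched to `$MY_BUCKET_NAME`, although the subject line says that is the purpose of the change, so update it to match steps 2 and 3. The unchanged sentence above the example calls `report.txt` a folder, and the file still ends without a trailing newline.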