Convert AWS remote-exec to use script instead of inline
@@ -211,12 +211,20 @@ resource "aws_instance" "logger" {
|
|||||||
resource "aws_instance" "dc" {
|
resource "aws_instance" "dc" {
|
||||||
instance_type = "t3.medium"
|
instance_type = "t3.medium"
|
||||||
|
|
||||||
|
provisioner "file" {
|
||||||
|
source = "scripts/bootstrap.ps1"
|
||||||
|
destination = "C:\\Temp\\script.ps1"
|
||||||
|
|
||||||
|
connection {
|
||||||
|
type = "winrm"
|
||||||
|
user = "vagrant"
|
||||||
|
password = "vagrant"
|
||||||
|
host = coalesce(self.public_ip, self.private_ip)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
provisioner "remote-exec" {
|
provisioner "remote-exec" {
|
||||||
inline = [
|
inline = ["powershell.exe -File C:\\Temp\\script.ps1"]
|
||||||
"choco install -force -y winpcap",
|
|
||||||
"ipconfig /renew",
|
|
||||||
"powershell.exe -c \"Add-Content 'c:\\windows\\system32\\drivers\\etc\\hosts' ' 192.168.38.103 wef.windomain.local'\"",
|
|
||||||
]
|
|
||||||
|
|
||||||
connection {
|
connection {
|
||||||
type = "winrm"
|
type = "winrm"
|
||||||
@@ -245,13 +253,20 @@ resource "aws_instance" "dc" {
|
|||||||
resource "aws_instance" "wef" {
|
resource "aws_instance" "wef" {
|
||||||
instance_type = "t3.medium"
|
instance_type = "t3.medium"
|
||||||
|
|
||||||
|
provisioner "file" {
|
||||||
|
source = "scripts/bootstrap.ps1"
|
||||||
|
destination = "C:\\Temp\\script.ps1"
|
||||||
|
|
||||||
|
connection {
|
||||||
|
type = "winrm"
|
||||||
|
user = "vagrant"
|
||||||
|
password = "vagrant"
|
||||||
|
host = coalesce(self.public_ip, self.private_ip)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
provisioner "remote-exec" {
|
provisioner "remote-exec" {
|
||||||
inline = [
|
inline = ["powershell.exe -File C:\\Temp\\script.ps1"]
|
||||||
"choco install -force -y winpcap",
|
|
||||||
"powershell.exe -c \"Add-Content 'c:\\windows\\system32\\drivers\\etc\\hosts' ' 192.168.38.102 dc.windomain.local'\"",
|
|
||||||
"powershell.exe -c \"Add-Content 'c:\\windows\\system32\\drivers\\etc\\hosts' ' 192.168.38.102 windomain.local'\"",
|
|
||||||
"ipconfig /renew",
|
|
||||||
]
|
|
||||||
|
|
||||||
connection {
|
connection {
|
||||||
type = "winrm"
|
type = "winrm"
|
||||||
@@ -280,13 +295,20 @@ resource "aws_instance" "wef" {
|
|||||||
resource "aws_instance" "win10" {
|
resource "aws_instance" "win10" {
|
||||||
instance_type = "t2.large"
|
instance_type = "t2.large"
|
||||||
|
|
||||||
|
provisioner "file" {
|
||||||
|
source = "scripts/bootstrap.ps1"
|
||||||
|
destination = "C:\\Temp\\script.ps1"
|
||||||
|
|
||||||
|
connection {
|
||||||
|
type = "winrm"
|
||||||
|
user = "vagrant"
|
||||||
|
password = "vagrant"
|
||||||
|
host = coalesce(self.public_ip, self.private_ip)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
provisioner "remote-exec" {
|
provisioner "remote-exec" {
|
||||||
inline = [
|
inline = ["powershell.exe -File C:\\Temp\\script.ps1"]
|
||||||
"choco install -force -y winpcap",
|
|
||||||
"powershell.exe -c \"Add-Content 'c:\\windows\\system32\\drivers\\etc\\hosts' ' 192.168.38.102 dc.windomain.local'\"",
|
|
||||||
"powershell.exe -c \"Add-Content 'c:\\windows\\system32\\drivers\\etc\\hosts' ' 192.168.38.102 windomain.local'\"",
|
|
||||||
"ipconfig /renew",
|
|
||||||
]
|
|
||||||
|
|
||||||
connection {
|
connection {
|
||||||
type = "winrm"
|
type = "winrm"
|
||||||
|
|||||||
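Review bot: The three new `provisioner "file"` connection blocks (dc, wef, win10) hard-code `user = "vagrant"` / `password = "vagrant"`, prefer `self.public_ip`, and none sets `https = true`, so by the WinRM communicator's defaults the upload would go over plain HTTP with a well-known credential pair. I would add `https = true` (with `insecure = true` if the AMI's certificate is self-signed) and read the password from a variable declared `sensitive = true`; whether the security group already limits the WinRM port to the builder's address is not visible in these hunks. The same connection settings now appear twice per instance, so a single resource-level `connection {}` block would keep the `file` and `remote-exec` provisioners from drifting apart. The existing `remote-exec` connection block continues past the end of each hunk, so its remaining settings are not shown here.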
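--- /dev/null
+++ b/AWS/Terraform/scripts/bootstrap.ps1
@@ -0,0 +1,40 @@
+# Purpose: Prepare the AWS AMIs for use
+
+# Install npcap so Wireshark recognizes the AWS network adapters
+Start-Job -ScriptBlock { choco install -y --force npcap --version 0.86 }
+
+# Hardcode IP addresses in the HOSTS file
+If ($env:COMPUTERNAME -eq "DC") {
+Add-Content 'c:\\windows\\system32\\drivers\\etc\\hosts' ' 192.168.38.103 wef.windomain.local'
+Add-Content 'c:\\windows\\system32\\drivers\\etc\\hosts' ' 192.168.38.104 win10.windomain.local'
+}
+Else {
+Add-Content 'c:\\windows\\system32\\drivers\\etc\\hosts' ' 192.168.38.102 dc.windomain.local'
+Add-Content 'c:\\windows\\system32\\drivers\\etc\\hosts' ' 192.168.38.102 windomain.local'
+}
+
+# Keep renewing the IP address until the domain controller is set as a DNS server
+while (!(Get-DNSClientServerAddress | Where-Object { $_.ServerAddresses -eq "192.168.38.102" })) {
+write-host "Waiting to receive the correct DNS settings from DHCP...";
+start-sleep 1;
+ipconfig /renew
+}
+
+# Check if gpupdate works
+if ($env:COMPUTERNAME -ne "DC") {
+Write-Host "Attempting a Group Policy Update..."
+Try {
+Start-Process gpupdate -ArgumentList "/force" -RedirectStandardOutput "c:\Temp\gpupdate_stdout.txt" -RedirectStandardError "c:\Temp\gpupdate_stderr.txt" -ErrorAction Stop
+$stdout = (Get-Content "c:\Temp\gpupdate_stdout.txt")
+Write-Host "$stdout"
+}
+Catch {
+$ErrorMessage = $_.Exception.Message
+Write-Host "Error: $ErrorMessage"
+$stderr = (Get-Content "c:\Temp\gpupdate_stderr.txt")
+Write-Host $stderr
+}
+}
+
+
+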
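Review bot: `Start-Process gpupdate` is launched without `-Wait`, so the `Get-Content` on the following line reads `gpupdate_stdout.txt` before gpupdate has finished and the check reports nothing useful; adding `-Wait -NoNewWindow` to that call fixes it. The npcap install has the same shape: the `Start-Job` at the top is never waited on, and a background job belongs to the powershell.exe process that `remote-exec` starts, so the install can be cut off when the script returns; keep the handle with `$npcap = Start-Job -ScriptBlock { ... }` and end the script with `$npcap | Wait-Job | Receive-Job`. The DNS `while` loop has no retry limit, so an instance that never receives 192.168.38.102 from DHCP would keep the provisioner running with no failure message; a counter and a `throw` after a fixed number of attempts would fail the build visibly. `Add-Content` also appends the hosts entries on every run, which deserves a comment or a `Select-String` guard if the script can be re-applied.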
0
AWS/Terraform/scripts/coveware.ps1
Normal file
0
AWS/Terraform/scripts/coveware.ps1
Normal file
@@ -65,4 +65,3 @@ post_build_checks() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
post_build_checks
|
post_build_checks
|
||||||
exit 0
|
|
||||||
|
|||||||
@@ -113,7 +113,6 @@ main() {
|
|||||||
/bin/bash "$DL_DIR/Vagrant/post_build_checks.sh"
|
/bin/bash "$DL_DIR/Vagrant/post_build_checks.sh"
|
||||||
}
|
}
|
||||||
main
|
main
|
||||||
exit 0
|
|
||||||
EOF
|
EOF
|
||||||
chmod +x /opt/DetectionLab/build.sh
|
chmod +x /opt/DetectionLab/build.sh
|
||||||
|
|
||||||
|
|||||||