Terraform AMI Refresh, Windows 10 box refresh

2019-05-09 20:58:06 -07:00
parent 9c2710c808
commit f20589be4d
10 changed files with 87 additions and 42 deletions
--- a/Terraform/Pre-Built_AMIs.md
+++ b/Terraform/Pre-Built_AMIs.md
@@ -19,7 +19,7 @@ The supplied Terraform configuration can then be used to create EC2 instances an
 3. Create a private/public keypair to use to SSH into logger: `ssh-keygen -b 2048 -f ~/.ssh/id_logger`
 4. Copy the file at [/DetectionLab/Terraform/terraform.tfvars.example](./terraform.tfvars.example) to `/DetectionLab/Terraform/terraform.tfvars`
 5. In `terraform.tfvars`, provide overrides for the variables specified in [variables.tf](./variables.tf)
-6. From the `/DetectionLab/Terraform/` directory, run `terraform init` to setup the initial Terraform configuration
+6. From the `/DetectionLab/Terraform` directory, run `terraform init` to setup the initial Terraform configuration
 7. Run `terraform apply` to begin the provisioning process

 [![DetectionLab - Terraform](https://i.vimeocdn.com/video/777172792_640.webp)](https://vimeo.com/331695321)
--- a/Terraform/README.md
+++ b/Terraform/README.md
@@ -19,3 +19,14 @@ One method for spinning up DetectionLab in AWS is to begin by using Virtualbox o
 This method has the benefit of allowing users to customize the VMs before importing them to AWS.

 The instructions for deploying DetectionLab in AWS via this method are available here: [Build Your Own AMIs README](./VM_to_AMIs.md)
+
+
+### Current AMI Listing
+| Region | Name | AMI-ID |
+|--------|------|--------|
+| us-west-1 | detectionlab-dc    | ami-03e2df055c632a0dd |
+| us-west-1 | detectionlab-wef   | ami-03c82482c03a740c5 |
+| us-west-1 | detectionlab-win10 | ami-0a4644e74768900f7 |
+| us-east-1 | detectionlab-dc    | ami-0eba8a430eb9c0d92 |
+| us-east-1 | detectionlab-wef   | ami-077981880d8b81b6b |
+| us-east-1 | detectionlab-win10 | ami-0d1b75d4a41ff0e0a |
--- a/Terraform/VM_to_AMIs.md
+++ b/Terraform/VM_to_AMIs.md
@@ -28,18 +28,18 @@ The supplied Terraform configuration can then be used to create EC2 instances an

 7. Export the DetectionLab VMs as single file OVA files if they are not already in that format
 8. [Upload the OVAs to the S3 bucket](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/upload-objects.html) you created in step three
-9. Edit the `logger.json`, `dc.json`, `wef.json` and `win10.json` files and modify the S3Bucket and S3Key headers to match the location of the OVA files in your S3 bucket.
+9. Edit the `dc.json`, `wef.json` and `win10.json` files and modify the S3Bucket and S3Key headers to match the location of the OVA files in your S3 bucket.
 10. Import the VMs from S3 as AMIs by running the following commands:
 ```
 aws ec2 import-image --description "dc" --license-type byol --disk-containers file:///path/to/DetectionLab/Terraform/vm_import/dc.json
 aws ec2 import-image --description "wef" --license-type byol --disk-containers file:///path/to/DetectionLab/Terraform/vm_import/wef.json
 aws ec2 import-image --description "win10" --license-type byol --disk-containers file:///path/to/DetectionLab/Terraform/vm_import/win10.json
-aws ec2 import-image --description "logger" --license-type byol --disk-containers file:///path/to/DetectionLab/Terraform/vm_import/logger.json
 ```
 11. Check on the status of the importation with the following command:

  ```aws ec2 describe-import-image-tasks --import-task-ids <import-ami-xxxxxxxxxxxxxxxxx>```

-12. Fill out the variables in `/path/to/DetectionLab/Terraform/terraform.tfvars`
-13. Run `terraform init` to setup the initial Terraform configuration
-14. `cd /path/to/DetectionLab/Terraform/Method1 && terraform apply`
+12. Copy the file at [/DetectionLab/Terraform/terraform.tfvars.example](./terraform.tfvars.example) to `/DetectionLab/Terraform/terraform.tfvars`
+13. Fill out the variables in `/DetectionLab/Terraform/terraform.tfvars`
+14. Run `terraform init` to setup the initial Terraform configuration
+15. cd to `DetectionLab/Terraform` and run `terraform apply`
--- a/Terraform/main.tf
+++ b/Terraform/main.tf
@@ -152,7 +152,7 @@ resource "aws_instance" "logger" {
  # Provision the AWS Ubuntu 16.04 AMI from scratch.
  provisioner "remote-exec" {
    inline = [
-      "sudo add-apt-repository universe && sudo apt-get update && sudo apt-get install -y git",
+      "sudo add-apt-repository universe && sudo apt-get -qq update && sudo apt-get -qq install -y git",
      "echo 'logger' | sudo tee /etc/hostname && sudo hostnamectl set-hostname logger",
      "sudo adduser --disabled-password --gecos \"\" vagrant && echo 'vagrant:vagrant' | sudo chpasswd",
      "sudo mkdir /home/vagrant/.ssh && sudo cp /home/ubuntu/.ssh/authorized_keys /home/vagrant/.ssh/authorized_keys && sudo chown -R vagrant:vagrant /home/vagrant/.ssh",
@@ -180,7 +180,8 @@ resource "aws_instance" "logger" {

 resource "aws_instance" "dc" {
  instance_type = "t2.medium"
-  ami = "${var.dc_ami}"
+  # Change the below variable to "${var.dc_ami}" if using hardcoded AMIs
+  ami = "${data.aws_ami.dc_ami.image_id}"
  tags {
    Name = "dc.windomain.local"
  }
@@ -194,7 +195,8 @@ resource "aws_instance" "dc" {

 resource "aws_instance" "wef" {
  instance_type = "t2.medium"
-  ami = "${var.wef_ami}"
+  # Change the below variable to "${var.wef_ami}" if using hardcoded AMIs
+  ami = "${data.aws_ami.wef_ami.image_id}"
  tags {
    Name = "wef.windomain.local"
  }
@@ -208,7 +210,8 @@ resource "aws_instance" "wef" {

 resource "aws_instance" "win10" {
  instance_type = "t2.medium"
-  ami = "${var.win10_ami}"
+  # Change the below variable to "${var.win10_ami}" if using hardcoded AMIs
+  ami = "${data.aws_ami.win10_ami.image_id}"
  tags {
    Name = "win10.windomain.local"
  }
--- a/Terraform/outputs.tf
+++ b/Terraform/outputs.tf
@@ -1,3 +1,7 @@
+output region {
+  value = "${var.region}"
+}
+
 output "logger_public_ip" {
  value = "${aws_instance.logger.public_ip}"
 }
@@ -13,3 +17,15 @@ output "wef_public_ip" {
 output "win10_public_ip" {
  value = "${aws_instance.win10.public_ip}"
 }
+
+output "latest_dc_ami_id" {
+  value = "${data.aws_ami.dc_ami.image_id}"
+}
+
+output "latest_wef_ami_id" {
+  value = "${data.aws_ami.wef_ami.image_id}"
+}
+
+output "latest_win10_ami_id" {
+  value = "${data.aws_ami.wef_ami.image_id}"
+}
--- a/Terraform/variables.tf
+++ b/Terraform/variables.tf
@@ -35,22 +35,47 @@ variable "external_dns_servers" {
  default = ["8.8.8.8"]
 }

+# Use Data Sources to resolve the AMI-ID for the pre-built DC host
+data "aws_ami" "dc_ami" {
+  owners = ["505638924199"]
+  filter {
+    name = "name"
+    values = ["detectionlab-dc"]
+  }
+}
+
+ # Use Data Sources to resolve the AMI-ID for the pre-built WEF host
+data "aws_ami" "wef_ami" {
+  owners = ["505638924199"]
+  most_recent = true
+  filter {
+    name = "name"
+    values = ["detectionlab-wef"]
+  }
+}
+
+ # Use Data Sources to resolve the AMI-ID for the pre-built Win10 host
+data "aws_ami" "win10_ami" {
+  owners = ["505638924199"]
+  most_recent = true
+  filter {
+    name = "name"
+    values = ["detectionlab-win10"]
+  }
+}
+
 # The logger host uses the Amazon Ubuntu 16.04 image
 # If you are building your own AMIs, replace the default values below with
 # the AMI IDs
-variable "logger_ami" {
-  type = "string"
-  default = "ami-0693b32d066fade8a"
-}
 variable "dc_ami" {
  type = "string"
-  default = "ami-0f0f0aaba01986b10"
+  default = "ami-03e2df055c632a0dd"
 }
 variable "wef_ami" {
  type = "string"
-  default = "ami-02566cd6ca3b7c6ae"
+  default = "ami-03c82482c03a740c5"
 }
 variable "win10_ami" {
  type = "string"
-  default = "ami-06a8a101dac68a81a"
+  default = "ami-0a4644e74768900f7"
 }
--- a/Terraform/vm_import/logger.json
+++ b/Terraform/vm_import/logger.json
@@ -1,9 +0,0 @@
-[
-  {
-    "Description": "logger",
-    "Format": "ova",
-    "UserBucket": {
-        "S3Bucket": "YOUR_BUCKET_GOES_HERE",
-        "S3Key": "logger.ova"
-    }
-}]