README_Terraform.md

For instructions on how to install Terraform, please consult the following: HashiCorp Terraform Installation

Install git if not part of the default OS packages:

sudo <OS package manager here> install git
(could be apt, yum, dpkg, etc.)

Clone this repository:

git clone https://github.com/DShield-ISC/dshield

Change into the cloud provider automation directory of choice:

  • To deploy honeypots using AWS' infrastructure:

    • cd dshield/terraform/aws/
  • To deploy honeypots using Microsoft Azure's infrastructure:

    • cd dshield/terraform/azure/

Adjust the required and optional variables to reflect the environment:

<insert your editor of choice here> variables.tf
(no judgement if the editor isn't vi)

Define the following required variables:

  • dshield_email
  • dshield_apikey
  • dshield_userid
  • aws_ssh_key_pub OR azure_ssh_key_pub depending on provider
  • aws_ssh_key_priv OR azure_ssh_key_priv depending on provider
  • aws_credentials if using AWS
  • azure_tenant_id if using Azure Service Principal
  • azure_subscription_id if using Azure Service Principal
  • azure_client_id if using Azure Service Principal
  • azure_client_secret if using Azure Service Principal

Optional variables:

  • honeypot_nodes (default: 1; increase to scale horizontally)
  • aws_region (default: us-east-1) if using AWS
  • aws_ec2_size (default: t2.micro) if using AWS
  • azure_region (default: East US) if using Azure
  • azure_image_size (default: Standard_B1ls) if using Azure
  • honeypot_network (default: 10.40.0.0/16 for VPC & 10.40.0.0/24 for SG)
  • honeypot_ssh_port (default: 12222)
  • dshield_ca_country (default: US)
  • dshield_ca_state (default: Florida)
  • dshield_ca_city (default: Jacksonville)
  • dshield_ca_company (default: DShield)
  • dshield_ca_depart (default: Decoy)

General assumptions (please update to reflect the appropriate locations as denoted above):

  • AWS credentials are contained in the default location:

    • ~/.aws/credentials
  • Azure credentials are successfully validated using az login prior to plan/apply

  • SSH credentials are contained in the default location:

    • ~/.ssh/id_rsa
    • ~/.ssh/id_rsa.pub
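
A pre-flight check for the credential locations assumed above, as an added example that is not part of the DShield repository. The function names `preflight_check` and `is_private_file` are hypothetical; the paths are the defaults listed above, and the Azure branch assumes `az account show` fails when there is no valid `az login` session.

```shell
#!/bin/sh
# Added example (not from the repository): verify the default credential
# locations before running terraform plan/apply.

# Return 0 if the file exists and grants no access to group or other.
is_private_file() {
    [ -f "$1" ] || return 1
    # Characters 5-10 of the ls mode string are the group/other bits.
    [ "$(ls -lLd "$1" | cut -c5-10)" = "------" ]
}

# preflight_check PROVIDER [HOME_DIR]   (PROVIDER is aws or azure)
# Prints one line per problem; the return code is the number of problems.
preflight_check() {
    provider=$1
    home=${2:-$HOME}
    problems=0

    if ! is_private_file "$home/.ssh/id_rsa"; then
        echo "missing or group/other-accessible: $home/.ssh/id_rsa"
        problems=$((problems + 1))
    fi
    if [ ! -s "$home/.ssh/id_rsa.pub" ]; then
        echo "missing or empty: $home/.ssh/id_rsa.pub"
        problems=$((problems + 1))
    fi

    case $provider in
        aws)
            if ! is_private_file "$home/.aws/credentials"; then
                echo "missing or group/other-accessible: $home/.aws/credentials"
                problems=$((problems + 1))
            fi
            ;;
        azure)
            if ! az account show >/dev/null 2>&1; then
                echo "no valid Azure CLI session; run az login first"
                problems=$((problems + 1))
            fi
            ;;
        *)
            echo "unknown provider: $provider (expected aws or azure)"
            problems=$((problems + 1))
            ;;
    esac
    return "$problems"
}
```

After sourcing the file, `preflight_check aws && terraform plan -out=honeypot` only plans when every check passes.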

After completing the above items, run the following commands to begin the installation:

terraform init; terraform plan -out=honeypot; terraform apply "honeypot"
OR
terraform init; terraform apply
(type yes when prompted)