├── .gitignore ├── README.md ├── bh_template-20210720-002.json ├── bh_template.json └── bh_template_gen.py /.gitignore: -------------------------------------------------------------------------------- 1 | 2 | .DS_Store 3 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # bh_aws 2 | Materials for AWS Training 3 | -------------------------------------------------------------------------------- /bh_template-20210720-002.json: -------------------------------------------------------------------------------- 1 | { 2 | "AWSTemplateFormatVersion": "2010-09-09", 3 | "Description": " AWS CloudFormation Template for AWS Exploitation Lab ", 4 | "Mappings": { 5 | "PrivateRegionMap": { 6 | "us-east-2": { 7 | "AMI": "ami-0255fb45a92df418d" 8 | } 9 | }, 10 | "PublicRegionMap": { 11 | "us-east-2": { 12 | "AMI": "ami-6a003c0f" 13 | } 14 | } 15 | }, 16 | "Outputs": { 17 | "PublicIP": { 18 | "Description": "IP Address of Public Instance", 19 | "Value": { 20 | "Fn::GetAtt": [ 21 | "PublicbluelizardInstance", 22 | "PublicIp" 23 | ] 24 | } 25 | } 26 | }, 27 | "Parameters": { 28 | "InstanceType": { 29 | "AllowedValues": [ 30 | "t2.micro", 31 | "t2.small", 32 | "t2.medium", 33 | "m3.medium", 34 | "m3.large", 35 | "m3.xlarge", 36 | "m3.2xlarge" 37 | ], 38 | "ConstraintDescription": "must be a valid EC2 instance type.", 39 | "Default": "t2.micro", 40 | "Description": "WebServer EC2 instance type", 41 | "Type": "String" 42 | }, 43 | "KeyName": { 44 | "ConstraintDescription": "must be the name of an existing EC2 KeyPair.", 45 | "Description": "Name of an existing EC2 KeyPair to enable SSH access to the instance", 46 | "Type": "AWS::EC2::KeyPair::KeyName" 47 | }, 48 | "SSHLocation": { 49 | "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})", 50 | "ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x.", 51 | 
"Default": "0.0.0.0/0", 52 | "Description": " The IP address range that can be used to SSH to the EC2 instances", 53 | "MaxLength": "18", 54 | "MinLength": "9", 55 | "Type": "String" 56 | } 57 | }, 58 | "Resources": { 59 | "AttachGateway": { 60 | "Properties": { 61 | "InternetGatewayId": { 62 | "Ref": "InternetGateway" 63 | }, 64 | "VpcId": { 65 | "Ref": "VPC" 66 | } 67 | }, 68 | "Type": "AWS::EC2::VPCGatewayAttachment" 69 | }, 70 | "BucketPolicy": { 71 | "DependsOn": [ 72 | "S3Bucket" 73 | ], 74 | "Properties": { 75 | "Bucket": { 76 | "Ref": "S3Bucket" 77 | }, 78 | "PolicyDocument": { 79 | "Id": "EnforceServersideEncryption", 80 | "Statement": [ 81 | { 82 | "Action": [ 83 | "s3:PutObject" 84 | ], 85 | "Effect": "Allow", 86 | "Principal": { 87 | "Service": [ 88 | "cloudtrail.amazonaws.com" 89 | ] 90 | }, 91 | "Resource": [ 92 | { 93 | "Fn::Join": [ 94 | "", 95 | [ 96 | "arn:aws:s3:::", 97 | { 98 | "Ref": "S3Bucket" 99 | }, 100 | "/*" 101 | ] 102 | ] 103 | } 104 | ], 105 | "Sid": "PermitCTBucketPut" 106 | }, 107 | { 108 | "Action": [ 109 | "s3:GetBucketAcl" 110 | ], 111 | "Effect": "Allow", 112 | "Principal": { 113 | "Service": [ 114 | "cloudtrail.amazonaws.com" 115 | ] 116 | }, 117 | "Resource": [ 118 | { 119 | "Fn::Join": [ 120 | "", 121 | [ 122 | "arn:aws:s3:::", 123 | { 124 | "Ref": "S3Bucket" 125 | } 126 | ] 127 | ] 128 | } 129 | ], 130 | "Sid": "PermitCTBucketACLRead" 131 | } 132 | ], 133 | "Version": "2012-10-17" 134 | } 135 | }, 136 | "Type": "AWS::S3::BucketPolicy" 137 | }, 138 | "CloudTrail": { 139 | "DependsOn": [ 140 | "BucketPolicy" 141 | ], 142 | "Properties": { 143 | "IncludeGlobalServiceEvents": "true", 144 | "IsLogging": "true", 145 | "IsMultiRegionTrail": "true", 146 | "S3BucketName": { 147 | "Ref": "S3Bucket" 148 | } 149 | }, 150 | "Type": "AWS::CloudTrail::Trail" 151 | }, 152 | "InstanceProfile": { 153 | "Properties": { 154 | "InstanceProfileName": "bluelizardInstanceRole", 155 | "Roles": [ 156 | { 157 | "Ref": "bluelizardEC2Role" 158 | } 159 | ] 
160 | }, 161 | "Type": "AWS::IAM::InstanceProfile" 162 | }, 163 | "InstanceSecurityGroup": { 164 | "Properties": { 165 | "GroupDescription": "bluelizardSecurityGroup", 166 | "SecurityGroupIngress": [ 167 | { 168 | "CidrIp": { 169 | "Ref": "SSHLocation" 170 | }, 171 | "FromPort": "22", 172 | "IpProtocol": "tcp", 173 | "ToPort": "22" 174 | }, 175 | { 176 | "CidrIp": "0.0.0.0/0", 177 | "FromPort": "80", 178 | "IpProtocol": "tcp", 179 | "ToPort": "80" 180 | }, 181 | { 182 | "CidrIp": "0.0.0.0/0", 183 | "FromPort": "1080", 184 | "IpProtocol": "tcp", 185 | "ToPort": "1080" 186 | }, 187 | { 188 | "CidrIp": "0.0.0.0/0", 189 | "FromPort": "443", 190 | "IpProtocol": "tcp", 191 | "ToPort": "443" 192 | }, 193 | { 194 | "CidrIp": "10.0.0.0/8", 195 | "FromPort": "0", 196 | "IpProtocol": "tcp", 197 | "ToPort": "65535" 198 | } 199 | ], 200 | "VpcId": { 201 | "Ref": "VPC" 202 | } 203 | }, 204 | "Type": "AWS::EC2::SecurityGroup" 205 | }, 206 | "InternetGateway": { 207 | "Properties": { 208 | "Tags": [ 209 | { 210 | "Key": "Application", 211 | "Value": { 212 | "Ref": "AWS::StackId" 213 | } 214 | }, 215 | { 216 | "Key": "Name", 217 | "Value": "bluelizardInternetGateway" 218 | } 219 | ] 220 | }, 221 | "Type": "AWS::EC2::InternetGateway" 222 | }, 223 | "PrivInstanceProfile": { 224 | "Properties": { 225 | "InstanceProfileName": "bluelizardPrivInstanceRole", 226 | "Roles": [ 227 | { 228 | "Ref": "bluelizardPrivEC2Role" 229 | } 230 | ] 231 | }, 232 | "Type": "AWS::IAM::InstanceProfile" 233 | }, 234 | "PrivatebluelizardInstance": { 235 | "Properties": { 236 | "IamInstanceProfile": "bluelizardPrivInstanceRole", 237 | "ImageId": { 238 | "Fn::FindInMap": [ 239 | "PrivateRegionMap", 240 | { 241 | "Ref": "AWS::Region" 242 | }, 243 | "AMI" 244 | ] 245 | }, 246 | "InstanceType": { 247 | "Ref": "InstanceType" 248 | }, 249 | "KeyName": { 250 | "Ref": "KeyName" 251 | }, 252 | "NetworkInterfaces": [ 253 | { 254 | "DeleteOnTermination": "true", 255 | "DeviceIndex": "0", 256 | "GroupSet": [ 257 | { 258 
| "Ref": "InstanceSecurityGroup" 259 | } 260 | ], 261 | "SubnetId": { 262 | "Ref": "bluelizardSubnetPrivate" 263 | } 264 | } 265 | ], 266 | "Tags": [ 267 | { 268 | "Key": "Application", 269 | "Value": { 270 | "Ref": "AWS::StackId" 271 | } 272 | }, 273 | { 274 | "Key": "Name", 275 | "Value": "bluelizardPrivateInstance" 276 | } 277 | ], 278 | "UserData": { 279 | "Fn::Base64": "#!/bin/bash\necho \"START\" > /tmp/userdata001.txt\nid >> /tmp/userdata001.txt\nuname -a >> /tmp/userdata001.txt\n#curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -\n#sudo add-apt-repository \"deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\"\n#sudo apt-get update\n#apt-cache policy docker-ce\n#sudo apt-get install -y docker-ce\nsudo chmod -x /etc/update-motd.d/90-updates-available\nsudo docker run --restart=always -d -p 8080:8080 cnoio/nbvulns001\nsudo docker run --restart=always -d -v /home/ubuntu:/home/ubuntu:ro --privileged -p 5000:5000 cnoio/nbvulns002\nsudo docker run --restart=always -d -p 8000:8000 cnoio/nbvulns003\nsudo docker run --restart=always -d -p 8081:8081 cnoio/nbvulns004\nsudo docker run --restart=always -d -v /home/ubuntu:/home/ubuntu:ro --privileged -p 5001:5001 cnoio/nbvulns005\necho \"END\" >> /tmp/userdata001.txt\n" 280 | } 281 | }, 282 | "Type": "AWS::EC2::Instance" 283 | }, 284 | "PublicbluelizardInstance": { 285 | "Properties": { 286 | "ImageId": { 287 | "Fn::FindInMap": [ 288 | "PublicRegionMap", 289 | { 290 | "Ref": "AWS::Region" 291 | }, 292 | "AMI" 293 | ] 294 | }, 295 | "InstanceType": { 296 | "Ref": "InstanceType" 297 | }, 298 | "KeyName": { 299 | "Ref": "KeyName" 300 | }, 301 | "NetworkInterfaces": [ 302 | { 303 | "AssociatePublicIpAddress": "true", 304 | "DeleteOnTermination": "true", 305 | "DeviceIndex": "0", 306 | "GroupSet": [ 307 | { 308 | "Ref": "InstanceSecurityGroup" 309 | } 310 | ], 311 | "SubnetId": { 312 | "Ref": "bluelizardSubnetPublic" 313 | } 314 | } 315 | ], 316 | "Tags": [ 317 | { 318 
| "Key": "Application", 319 | "Value": { 320 | "Ref": "AWS::StackId" 321 | } 322 | }, 323 | { 324 | "Key": "Name", 325 | "Value": "bluelizardPublicInstance" 326 | } 327 | ], 328 | "UserData": { 329 | "Fn::Base64": "#!/bin/bash\necho \"START\" > /tmp/userdata001.txt\nid >> /tmp/userdata001.tx\nutname -a >> /tmp/userdata001.txt\ncurl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -\nsudo add-apt-repository \"deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\"\nsudo echo \"deb [arch=amd64] https://packages.microsoft.com/repos/azure-cli/ xenial main\" > /etc/apt/sources.list.d/azure-cli.list\ncurl -L https://packages.microsoft.com/keys/microsoft.asc | sudo apt-key add -\nsudo apt-get update\napt-cache policy docker-ce\nsudo apt-get install -y docker-ce\nsudo apt-get install -y nmap\nsudo apt-get install -y awscli\nsudo apt-get install -y python\nsudo apt-get install -y python-pip\nsudo pip install flask\nsudo pip install boto3\nsudo apt-get install -y john\nsudo apt-get install -y binwalk\nsudo apt-get install -y virtualenv\nsudo apt-get install -y git\nsudo mkdir /shared\nsudo git clone https://github.com/cno-io/bh_shared.git /shared\nsudo mkdir -p /shared/lists/\nsudo mkdir -p /shared/spider/\nsudo mkdir -p /shared/lookups/\nsudo mkdir -p /root/.aws/\nsudo mkdir -p /root/.principalmap/\nsudo chmod 700 /shared/lookups/nslookups.sh\nsudo chmod 700 /shared/other/bashrc.sh\nsudo echo \"source /shared/other/bashrc.sh\" >> /root/.bashrc\nsudo chmod -x /etc/update-motd.d/90-updates-available\nsudo apt-get install -y unzip\nsudo apt-get install -y p7zip-full\nsudo echo \". 
~/.bashrc\" >> /root/.profile\nsudo apt-get install -y unzip\nsudo apt-get install -y p7zip-full\nsudo /usr/bin/7z x /shared/voodoo_ce/voodoo_ce.7z -p\"Stage2Train\" -o\"/shared/voodoo_ce\"\necho \"$(ifconfig eth0 | grep 'inet addr' | cut -d: -f2 | awk '{print $1}') $(hostname)\" >> /tmp/userdata001.txt\necho \"$(ifconfig eth0 | grep 'inet addr' | cut -d: -f2 | awk '{print $1}') $(hostname)\" | sudo tee --append /etc/hosts\nsudo curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash\nsudo echo \"deb [signed-by=/usr/share/keyrings/cloud.google.gpg] http://packages.cloud.google.com/apt cloud-sdk main\" | sudo tee -a /etc/apt/sources.list.d/google-cloud-sdk.list\nsudo curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key --keyring /usr/share/keyrings/cloud.google.gpg add -\nsudo apt-get update && sudo apt-get install -y google-cloud-sdk\nsudo pip install google-api-python-client\necho \"END\" >> /tmp/userdata001.txt\n" 330 | } 331 | }, 332 | "Type": "AWS::EC2::Instance" 333 | }, 334 | "Route": { 335 | "DependsOn": "AttachGateway", 336 | "Properties": { 337 | "DestinationCidrBlock": "0.0.0.0/0", 338 | "GatewayId": { 339 | "Ref": "InternetGateway" 340 | }, 341 | "RouteTableId": { 342 | "Ref": "RouteTable" 343 | } 344 | }, 345 | "Type": "AWS::EC2::Route" 346 | }, 347 | "RouteTable": { 348 | "Properties": { 349 | "Tags": [ 350 | { 351 | "Key": "Application", 352 | "Value": { 353 | "Ref": "AWS::StackId" 354 | } 355 | }, 356 | { 357 | "Key": "Name", 358 | "Value": "bluelizardRouteTable" 359 | } 360 | ], 361 | "VpcId": { 362 | "Ref": "VPC" 363 | } 364 | }, 365 | "Type": "AWS::EC2::RouteTable" 366 | }, 367 | "S3Bucket": { 368 | "DeletionPolicy": "Retain", 369 | "Type": "AWS::S3::Bucket" 370 | }, 371 | "SubnetRouteTableAssociation": { 372 | "Properties": { 373 | "RouteTableId": { 374 | "Ref": "RouteTable" 375 | }, 376 | "SubnetId": { 377 | "Ref": "bluelizardSubnetPublic" 378 | } 379 | }, 380 | "Type": "AWS::EC2::SubnetRouteTableAssociation" 381 | }, 382 | 
"VPC": { 383 | "Properties": { 384 | "CidrBlock": "10.0.0.0/16", 385 | "Tags": [ 386 | { 387 | "Key": "Application", 388 | "Value": { 389 | "Ref": "AWS::StackId" 390 | } 391 | } 392 | ] 393 | }, 394 | "Type": "AWS::EC2::VPC" 395 | }, 396 | "bluelizardEC2Role": { 397 | "Properties": { 398 | "AssumeRolePolicyDocument": { 399 | "Statement": [ 400 | { 401 | "Action": [ 402 | "sts:AssumeRole" 403 | ], 404 | "Effect": "Allow", 405 | "Principal": { 406 | "Service": [ 407 | "ec2.amazonaws.com" 408 | ] 409 | } 410 | } 411 | ] 412 | }, 413 | "ManagedPolicyArns": [ 414 | "arn:aws:iam::aws:policy/ReadOnlyAccess" 415 | ] 416 | }, 417 | "Type": "AWS::IAM::Role" 418 | }, 419 | "bluelizardPrivEC2Role": { 420 | "Properties": { 421 | "AssumeRolePolicyDocument": { 422 | "Statement": [ 423 | { 424 | "Action": [ 425 | "sts:AssumeRole" 426 | ], 427 | "Effect": "Allow", 428 | "Principal": { 429 | "Service": [ 430 | "ec2.amazonaws.com" 431 | ] 432 | } 433 | } 434 | ] 435 | }, 436 | "ManagedPolicyArns": [ 437 | "arn:aws:iam::aws:policy/ReadOnlyAccess" 438 | ], 439 | "Policies": [ 440 | { 441 | "PolicyDocument": { 442 | "Statement": [ 443 | { 444 | "Action": [ 445 | "ec2:CreateSnapshot", 446 | "ec2:ModifySnapshotAttribute" 447 | ], 448 | "Effect": "Allow", 449 | "Resource": [ 450 | "*" 451 | ], 452 | "Sid": "PermitEC2Snapshots" 453 | } 454 | ] 455 | }, 456 | "PolicyName": "EC2SnapshotPermissions" 457 | } 458 | ] 459 | }, 460 | "Type": "AWS::IAM::Role" 461 | }, 462 | "bluelizardSubnetPrivate": { 463 | "Properties": { 464 | "CidrBlock": "10.0.2.0/24", 465 | "MapPublicIpOnLaunch": "false", 466 | "Tags": [ 467 | { 468 | "Key": "Application", 469 | "Value": { 470 | "Ref": "AWS::StackId" 471 | } 472 | }, 473 | { 474 | "Key": "Name", 475 | "Value": "bluelizardSubnet_private" 476 | } 477 | ], 478 | "VpcId": { 479 | "Ref": "VPC" 480 | } 481 | }, 482 | "Type": "AWS::EC2::Subnet" 483 | }, 484 | "bluelizardSubnetPublic": { 485 | "Properties": { 486 | "CidrBlock": "10.0.1.0/24", 487 | 
"MapPublicIpOnLaunch": "true", 488 | "Tags": [ 489 | { 490 | "Key": "Application", 491 | "Value": { 492 | "Ref": "AWS::StackId" 493 | } 494 | }, 495 | { 496 | "Key": "Name", 497 | "Value": "bluelizardSubnet_public" 498 | } 499 | ], 500 | "VpcId": { 501 | "Ref": "VPC" 502 | } 503 | }, 504 | "Type": "AWS::EC2::Subnet" 505 | } 506 | } 507 | } -------------------------------------------------------------------------------- /bh_template.json: -------------------------------------------------------------------------------- 1 | { 2 | "AWSTemplateFormatVersion": "2010-09-09", 3 | "Description": " AWS CloudFormation Template for AWS Exploitation Lab ", 4 | "Mappings": { 5 | "PrivateRegionMap": { 6 | "us-east-2": { 7 | "AMI": "ami-0255fb45a92df418d" 8 | } 9 | }, 10 | "PublicRegionMap": { 11 | "us-east-2": { 12 | "AMI": "ami-6a003c0f" 13 | } 14 | } 15 | }, 16 | "Outputs": { 17 | "PublicIP": { 18 | "Description": "IP Address of Public Instance", 19 | "Value": { 20 | "Fn::GetAtt": [ 21 | "PublicbluelizardInstance", 22 | "PublicIp" 23 | ] 24 | } 25 | } 26 | }, 27 | "Parameters": { 28 | "InstanceType": { 29 | "AllowedValues": [ 30 | "t2.micro", 31 | "t2.small", 32 | "t2.medium", 33 | "m3.medium", 34 | "m3.large", 35 | "m3.xlarge", 36 | "m3.2xlarge" 37 | ], 38 | "ConstraintDescription": "must be a valid EC2 instance type.", 39 | "Default": "t2.micro", 40 | "Description": "WebServer EC2 instance type", 41 | "Type": "String" 42 | }, 43 | "KeyName": { 44 | "ConstraintDescription": "must be the name of an existing EC2 KeyPair.", 45 | "Description": "Name of an existing EC2 KeyPair to enable SSH access to the instance", 46 | "Type": "AWS::EC2::KeyPair::KeyName" 47 | }, 48 | "SSHLocation": { 49 | "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})", 50 | "ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x.", 51 | "Default": "0.0.0.0/0", 52 | "Description": " The IP address range that can be used to SSH to the EC2 instances", 53 | 
"MaxLength": "18", 54 | "MinLength": "9", 55 | "Type": "String" 56 | } 57 | }, 58 | "Resources": { 59 | "AttachGateway": { 60 | "Properties": { 61 | "InternetGatewayId": { 62 | "Ref": "InternetGateway" 63 | }, 64 | "VpcId": { 65 | "Ref": "VPC" 66 | } 67 | }, 68 | "Type": "AWS::EC2::VPCGatewayAttachment" 69 | }, 70 | "BucketPolicy": { 71 | "DependsOn": [ 72 | "S3Bucket" 73 | ], 74 | "Properties": { 75 | "Bucket": { 76 | "Ref": "S3Bucket" 77 | }, 78 | "PolicyDocument": { 79 | "Id": "EnforceServersideEncryption", 80 | "Statement": [ 81 | { 82 | "Action": [ 83 | "s3:PutObject" 84 | ], 85 | "Effect": "Allow", 86 | "Principal": { 87 | "Service": [ 88 | "cloudtrail.amazonaws.com" 89 | ] 90 | }, 91 | "Resource": [ 92 | { 93 | "Fn::Join": [ 94 | "", 95 | [ 96 | "arn:aws:s3:::", 97 | { 98 | "Ref": "S3Bucket" 99 | }, 100 | "/*" 101 | ] 102 | ] 103 | } 104 | ], 105 | "Sid": "PermitCTBucketPut" 106 | }, 107 | { 108 | "Action": [ 109 | "s3:GetBucketAcl" 110 | ], 111 | "Effect": "Allow", 112 | "Principal": { 113 | "Service": [ 114 | "cloudtrail.amazonaws.com" 115 | ] 116 | }, 117 | "Resource": [ 118 | { 119 | "Fn::Join": [ 120 | "", 121 | [ 122 | "arn:aws:s3:::", 123 | { 124 | "Ref": "S3Bucket" 125 | } 126 | ] 127 | ] 128 | } 129 | ], 130 | "Sid": "PermitCTBucketACLRead" 131 | } 132 | ], 133 | "Version": "2012-10-17" 134 | } 135 | }, 136 | "Type": "AWS::S3::BucketPolicy" 137 | }, 138 | "CloudTrail": { 139 | "DependsOn": [ 140 | "BucketPolicy" 141 | ], 142 | "Properties": { 143 | "IncludeGlobalServiceEvents": "true", 144 | "IsLogging": "true", 145 | "IsMultiRegionTrail": "true", 146 | "S3BucketName": { 147 | "Ref": "S3Bucket" 148 | } 149 | }, 150 | "Type": "AWS::CloudTrail::Trail" 151 | }, 152 | "InstanceProfile": { 153 | "Properties": { 154 | "InstanceProfileName": "bluelizardInstanceRole", 155 | "Roles": [ 156 | { 157 | "Ref": "bluelizardEC2Role" 158 | } 159 | ] 160 | }, 161 | "Type": "AWS::IAM::InstanceProfile" 162 | }, 163 | "InstanceSecurityGroup": { 164 | "Properties": { 165 
| "GroupDescription": "bluelizardSecurityGroup", 166 | "SecurityGroupIngress": [ 167 | { 168 | "CidrIp": { 169 | "Ref": "SSHLocation" 170 | }, 171 | "FromPort": "22", 172 | "IpProtocol": "tcp", 173 | "ToPort": "22" 174 | }, 175 | { 176 | "CidrIp": "0.0.0.0/0", 177 | "FromPort": "80", 178 | "IpProtocol": "tcp", 179 | "ToPort": "80" 180 | }, 181 | { 182 | "CidrIp": "0.0.0.0/0", 183 | "FromPort": "1080", 184 | "IpProtocol": "tcp", 185 | "ToPort": "1080" 186 | }, 187 | { 188 | "CidrIp": "0.0.0.0/0", 189 | "FromPort": "443", 190 | "IpProtocol": "tcp", 191 | "ToPort": "443" 192 | }, 193 | { 194 | "CidrIp": "10.0.0.0/8", 195 | "FromPort": "0", 196 | "IpProtocol": "tcp", 197 | "ToPort": "65535" 198 | } 199 | ], 200 | "VpcId": { 201 | "Ref": "VPC" 202 | } 203 | }, 204 | "Type": "AWS::EC2::SecurityGroup" 205 | }, 206 | "InternetGateway": { 207 | "Properties": { 208 | "Tags": [ 209 | { 210 | "Key": "Application", 211 | "Value": { 212 | "Ref": "AWS::StackId" 213 | } 214 | }, 215 | { 216 | "Key": "Name", 217 | "Value": "bluelizardInternetGateway" 218 | } 219 | ] 220 | }, 221 | "Type": "AWS::EC2::InternetGateway" 222 | }, 223 | "PrivInstanceProfile": { 224 | "Properties": { 225 | "InstanceProfileName": "bluelizardPrivInstanceRole", 226 | "Roles": [ 227 | { 228 | "Ref": "bluelizardPrivEC2Role" 229 | } 230 | ] 231 | }, 232 | "Type": "AWS::IAM::InstanceProfile" 233 | }, 234 | "PrivatebluelizardInstance": { 235 | "Properties": { 236 | "IamInstanceProfile": "bluelizardPrivInstanceRole", 237 | "ImageId": { 238 | "Fn::FindInMap": [ 239 | "PrivateRegionMap", 240 | { 241 | "Ref": "AWS::Region" 242 | }, 243 | "AMI" 244 | ] 245 | }, 246 | "InstanceType": { 247 | "Ref": "InstanceType" 248 | }, 249 | "KeyName": { 250 | "Ref": "KeyName" 251 | }, 252 | "NetworkInterfaces": [ 253 | { 254 | "DeleteOnTermination": "true", 255 | "DeviceIndex": "0", 256 | "GroupSet": [ 257 | { 258 | "Ref": "InstanceSecurityGroup" 259 | } 260 | ], 261 | "SubnetId": { 262 | "Ref": "bluelizardSubnetPrivate" 263 | } 
264 | } 265 | ], 266 | "Tags": [ 267 | { 268 | "Key": "Application", 269 | "Value": { 270 | "Ref": "AWS::StackId" 271 | } 272 | }, 273 | { 274 | "Key": "Name", 275 | "Value": "bluelizardPrivateInstance" 276 | } 277 | ], 278 | "UserData": { 279 | "Fn::Base64": "#!/bin/bash\necho \"START\" > /tmp/userdata001.txt\nid >> /tmp/userdata001.txt\nuname -a >> /tmp/userdata001.txt\n#curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -\n#sudo add-apt-repository \"deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\"\n#sudo apt-get update\n#apt-cache policy docker-ce\n#sudo apt-get install -y docker-ce\nsudo chmod -x /etc/update-motd.d/90-updates-available\nsudo docker run --restart=always -d -p 8080:8080 cnoio/nbvulns001\nsudo docker run --restart=always -d -v /home/ubuntu:/home/ubuntu:ro --privileged -p 5000:5000 cnoio/nbvulns002\nsudo docker run --restart=always -d -p 8000:8000 cnoio/nbvulns003\nsudo docker run --restart=always -d -p 8081:8081 cnoio/nbvulns004\nsudo docker run --restart=always -d -v /home/ubuntu:/home/ubuntu:ro --privileged -p 5001:5001 cnoio/nbvulns005\necho \"END\" >> /tmp/userdata001.txt\n" 280 | } 281 | }, 282 | "Type": "AWS::EC2::Instance" 283 | }, 284 | "PublicbluelizardInstance": { 285 | "Properties": { 286 | "ImageId": { 287 | "Fn::FindInMap": [ 288 | "PublicRegionMap", 289 | { 290 | "Ref": "AWS::Region" 291 | }, 292 | "AMI" 293 | ] 294 | }, 295 | "InstanceType": { 296 | "Ref": "InstanceType" 297 | }, 298 | "KeyName": { 299 | "Ref": "KeyName" 300 | }, 301 | "NetworkInterfaces": [ 302 | { 303 | "AssociatePublicIpAddress": "true", 304 | "DeleteOnTermination": "true", 305 | "DeviceIndex": "0", 306 | "GroupSet": [ 307 | { 308 | "Ref": "InstanceSecurityGroup" 309 | } 310 | ], 311 | "SubnetId": { 312 | "Ref": "bluelizardSubnetPublic" 313 | } 314 | } 315 | ], 316 | "Tags": [ 317 | { 318 | "Key": "Application", 319 | "Value": { 320 | "Ref": "AWS::StackId" 321 | } 322 | }, 323 | { 324 | "Key": "Name", 
325 | "Value": "bluelizardPublicInstance" 326 | } 327 | ], 328 | "UserData": { 329 | "Fn::Base64": "#!/bin/bash\necho \"START\" > /tmp/userdata001.txt\nid >> /tmp/userdata001.tx\nutname -a >> /tmp/userdata001.txt\ncurl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -\nsudo add-apt-repository \"deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\"\nsudo echo \"deb [arch=amd64] https://packages.microsoft.com/repos/azure-cli/ xenial main\" > /etc/apt/sources.list.d/azure-cli.list\ncurl -L https://packages.microsoft.com/keys/microsoft.asc | sudo apt-key add -\nsudo apt-get update\napt-cache policy docker-ce\nsudo apt-get install -y docker-ce\nsudo apt-get install -y nmap\nsudo apt-get install -y awscli\nsudo apt-get install -y python\nsudo apt-get install -y python-pip\nsudo pip install flask\nsudo pip install boto3\nsudo apt-get install -y john\nsudo apt-get install -y binwalk\nsudo apt-get install -y virtualenv\nsudo apt-get install -y git\nsudo mkdir /shared\nsudo git clone https://github.com/cno-io/bh_shared.git /shared\nsudo mkdir -p /shared/lists/\nsudo mkdir -p /shared/spider/\nsudo mkdir -p /shared/lookups/\nsudo mkdir -p /root/.aws/\nsudo mkdir -p /root/.principalmap/\nsudo chmod 700 /shared/lookups/nslookups.sh\nsudo chmod 700 /shared/other/bashrc.sh\nsudo echo \"source /shared/other/bashrc.sh\" >> /root/.bashrc\nsudo chmod -x /etc/update-motd.d/90-updates-available\nsudo apt-get install -y unzip\nsudo apt-get install -y p7zip-full\nsudo echo \". 
~/.bashrc\" >> /root/.profile\nsudo apt-get install -y unzip\nsudo apt-get install -y p7zip-full\nsudo /usr/bin/7z x /shared/voodoo_ce/voodoo_ce.7z -p\"Stage2Train\" -o\"/shared/voodoo_ce\"\necho \"$(ifconfig eth0 | grep 'inet addr' | cut -d: -f2 | awk '{print $1}') $(hostname)\" >> /tmp/userdata001.txt\necho \"$(ifconfig eth0 | grep 'inet addr' | cut -d: -f2 | awk '{print $1}') $(hostname)\" | sudo tee --append /etc/hosts\nsudo curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash\nsudo echo \"deb [signed-by=/usr/share/keyrings/cloud.google.gpg] http://packages.cloud.google.com/apt cloud-sdk main\" | sudo tee -a /etc/apt/sources.list.d/google-cloud-sdk.list\nsudo curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key --keyring /usr/share/keyrings/cloud.google.gpg add -\nsudo apt-get update && sudo apt-get install -y google-cloud-sdk\nsudo pip install google-api-python-client\necho \"END\" >> /tmp/userdata001.txt\n" 330 | } 331 | }, 332 | "Type": "AWS::EC2::Instance" 333 | }, 334 | "Route": { 335 | "DependsOn": "AttachGateway", 336 | "Properties": { 337 | "DestinationCidrBlock": "0.0.0.0/0", 338 | "GatewayId": { 339 | "Ref": "InternetGateway" 340 | }, 341 | "RouteTableId": { 342 | "Ref": "RouteTable" 343 | } 344 | }, 345 | "Type": "AWS::EC2::Route" 346 | }, 347 | "RouteTable": { 348 | "Properties": { 349 | "Tags": [ 350 | { 351 | "Key": "Application", 352 | "Value": { 353 | "Ref": "AWS::StackId" 354 | } 355 | }, 356 | { 357 | "Key": "Name", 358 | "Value": "bluelizardRouteTable" 359 | } 360 | ], 361 | "VpcId": { 362 | "Ref": "VPC" 363 | } 364 | }, 365 | "Type": "AWS::EC2::RouteTable" 366 | }, 367 | "S3Bucket": { 368 | "DeletionPolicy": "Retain", 369 | "Type": "AWS::S3::Bucket" 370 | }, 371 | "SubnetRouteTableAssociation": { 372 | "Properties": { 373 | "RouteTableId": { 374 | "Ref": "RouteTable" 375 | }, 376 | "SubnetId": { 377 | "Ref": "bluelizardSubnetPublic" 378 | } 379 | }, 380 | "Type": "AWS::EC2::SubnetRouteTableAssociation" 381 | }, 382 | 
"VPC": { 383 | "Properties": { 384 | "CidrBlock": "10.0.0.0/16", 385 | "Tags": [ 386 | { 387 | "Key": "Application", 388 | "Value": { 389 | "Ref": "AWS::StackId" 390 | } 391 | } 392 | ] 393 | }, 394 | "Type": "AWS::EC2::VPC" 395 | }, 396 | "bluelizardEC2Role": { 397 | "Properties": { 398 | "AssumeRolePolicyDocument": { 399 | "Statement": [ 400 | { 401 | "Action": [ 402 | "sts:AssumeRole" 403 | ], 404 | "Effect": "Allow", 405 | "Principal": { 406 | "Service": [ 407 | "ec2.amazonaws.com" 408 | ] 409 | } 410 | } 411 | ] 412 | }, 413 | "ManagedPolicyArns": [ 414 | "arn:aws:iam::aws:policy/ReadOnlyAccess" 415 | ] 416 | }, 417 | "Type": "AWS::IAM::Role" 418 | }, 419 | "bluelizardPrivEC2Role": { 420 | "Properties": { 421 | "AssumeRolePolicyDocument": { 422 | "Statement": [ 423 | { 424 | "Action": [ 425 | "sts:AssumeRole" 426 | ], 427 | "Effect": "Allow", 428 | "Principal": { 429 | "Service": [ 430 | "ec2.amazonaws.com" 431 | ] 432 | } 433 | } 434 | ] 435 | }, 436 | "ManagedPolicyArns": [ 437 | "arn:aws:iam::aws:policy/ReadOnlyAccess" 438 | ], 439 | "Policies": [ 440 | { 441 | "PolicyDocument": { 442 | "Statement": [ 443 | { 444 | "Action": [ 445 | "ec2:CreateSnapshot", 446 | "ec2:ModifySnapshotAttribute" 447 | ], 448 | "Effect": "Allow", 449 | "Resource": [ 450 | "*" 451 | ], 452 | "Sid": "PermitEC2Snapshots" 453 | } 454 | ] 455 | }, 456 | "PolicyName": "EC2SnapshotPermissions" 457 | } 458 | ] 459 | }, 460 | "Type": "AWS::IAM::Role" 461 | }, 462 | "bluelizardSubnetPrivate": { 463 | "Properties": { 464 | "CidrBlock": "10.0.2.0/24", 465 | "MapPublicIpOnLaunch": "false", 466 | "Tags": [ 467 | { 468 | "Key": "Application", 469 | "Value": { 470 | "Ref": "AWS::StackId" 471 | } 472 | }, 473 | { 474 | "Key": "Name", 475 | "Value": "bluelizardSubnet_private" 476 | } 477 | ], 478 | "VpcId": { 479 | "Ref": "VPC" 480 | } 481 | }, 482 | "Type": "AWS::EC2::Subnet" 483 | }, 484 | "bluelizardSubnetPublic": { 485 | "Properties": { 486 | "CidrBlock": "10.0.1.0/24", 487 | 
"MapPublicIpOnLaunch": "true", 488 | "Tags": [ 489 | { 490 | "Key": "Application", 491 | "Value": { 492 | "Ref": "AWS::StackId" 493 | } 494 | }, 495 | { 496 | "Key": "Name", 497 | "Value": "bluelizardSubnet_public" 498 | } 499 | ], 500 | "VpcId": { 501 | "Ref": "VPC" 502 | } 503 | }, 504 | "Type": "AWS::EC2::Subnet" 505 | } 506 | } 507 | } -------------------------------------------------------------------------------- /bh_template_gen.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python 2 | # -*- coding: utf-8 -*- 3 | # Converted from VPC_With_VPN_Connection.template located at: 4 | # http://aws.amazon.com/cloudformation/aws-cloudformation-templates 5 | 6 | #Useful references found here: 7 | # https://github.com/cloudtools/troposphere/blob/master/examples/ApplicationELB.py 8 | # http://boto3.readthedocs.io/en/latest/reference/services/elbv2.html#ElasticLoadBalancingv2.Client.create_target_group 9 | # https://github.com/cloudtools/troposphere/blob/master/examples/Lambda.py 10 | 11 | from troposphere import Base64, FindInMap, GetAtt, Join, Output 12 | from troposphere import Parameter, Ref, Tags, Template 13 | from troposphere.ec2 import Route, \ 14 | VPCGatewayAttachment, SubnetRouteTableAssociation, Subnet, RouteTable, \ 15 | VPC, NetworkInterfaceProperty, \ 16 | Instance, InternetGateway, \ 17 | SecurityGroupRule, SecurityGroup, \ 18 | LaunchSpecifications 19 | from troposphere.s3 import BucketPolicy, Bucket 20 | from troposphere.iam import Role, InstanceProfile, Policy 21 | from troposphere.cloudtrail import Trail 22 | import awacs 23 | import awacs.s3 as s3 24 | 25 | public_instance_userdata = """#!/bin/bash 26 | echo "START" > /tmp/userdata001.txt 27 | id >> /tmp/userdata001.tx 28 | utname -a >> /tmp/userdata001.txt 29 | curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - 30 | sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) 
stable" 31 | sudo echo "deb [arch=amd64] https://packages.microsoft.com/repos/azure-cli/ xenial main" > /etc/apt/sources.list.d/azure-cli.list 32 | curl -L https://packages.microsoft.com/keys/microsoft.asc | sudo apt-key add - 33 | sudo apt-get update 34 | apt-cache policy docker-ce 35 | sudo apt-get install -y docker-ce 36 | sudo apt-get install -y nmap 37 | sudo apt-get install -y awscli 38 | sudo apt-get install -y python 39 | sudo apt-get install -y python-pip 40 | sudo pip install flask 41 | sudo pip install boto3 42 | sudo apt-get install -y john 43 | sudo apt-get install -y binwalk 44 | sudo apt-get install -y virtualenv 45 | sudo apt-get install -y git 46 | sudo mkdir /shared 47 | sudo git clone https://github.com/cno-io/bh_shared.git /shared 48 | sudo mkdir -p /shared/lists/ 49 | sudo mkdir -p /shared/spider/ 50 | sudo mkdir -p /shared/lookups/ 51 | sudo mkdir -p /root/.aws/ 52 | sudo mkdir -p /root/.principalmap/ 53 | sudo chmod 700 /shared/lookups/nslookups.sh 54 | sudo chmod 700 /shared/other/bashrc.sh 55 | sudo echo "source /shared/other/bashrc.sh" >> /root/.bashrc 56 | sudo chmod -x /etc/update-motd.d/90-updates-available 57 | sudo apt-get install -y unzip 58 | sudo apt-get install -y p7zip-full 59 | sudo echo ". 
~/.bashrc" >> /root/.profile 60 | sudo apt-get install -y unzip 61 | sudo apt-get install -y p7zip-full 62 | sudo /usr/bin/7z x /shared/voodoo_ce/voodoo_ce.7z -p"Stage2Train" -o"/shared/voodoo_ce" 63 | echo "$(ifconfig eth0 | grep 'inet addr' | cut -d: -f2 | awk '{print $1}') $(hostname)" >> /tmp/userdata001.txt 64 | echo "$(ifconfig eth0 | grep 'inet addr' | cut -d: -f2 | awk '{print $1}') $(hostname)" | sudo tee --append /etc/hosts 65 | sudo curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash 66 | sudo echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] http://packages.cloud.google.com/apt cloud-sdk main" | sudo tee -a /etc/apt/sources.list.d/google-cloud-sdk.list 67 | sudo curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key --keyring /usr/share/keyrings/cloud.google.gpg add - 68 | sudo apt-get update && sudo apt-get install -y google-cloud-sdk 69 | sudo pip install google-api-python-client 70 | echo "END" >> /tmp/userdata001.txt 71 | """ 72 | 73 | private_instance_userdata = """#!/bin/bash 74 | echo \"START\" > /tmp/userdata001.txt 75 | id >> /tmp/userdata001.txt 76 | uname -a >> /tmp/userdata001.txt 77 | #curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - 78 | #sudo add-apt-repository \"deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\" 79 | #sudo apt-get update 80 | #apt-cache policy docker-ce 81 | #sudo apt-get install -y docker-ce 82 | sudo chmod -x /etc/update-motd.d/90-updates-available 83 | sudo docker run --restart=always -d -p 8080:8080 cnoio/nbvulns001 84 | sudo docker run --restart=always -d -v /home/ubuntu:/home/ubuntu:ro --privileged -p 5000:5000 cnoio/nbvulns002 85 | sudo docker run --restart=always -d -p 8000:8000 cnoio/nbvulns003 86 | sudo docker run --restart=always -d -p 8081:8081 cnoio/nbvulns004 87 | sudo docker run --restart=always -d -v /home/ubuntu:/home/ubuntu:ro --privileged -p 5001:5001 cnoio/nbvulns005 88 | echo "END" >> /tmp/userdata001.txt 89 
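"""  # end of private_instance_userdata

# Standard Ubuntu 16 image.
# Only us-east-2 is mapped, so the FindInMap lookups below have no entry for
# any other region.
ami_public_mapping = {
    "us-east-2": {"AMI": "ami-6a003c0f"},
}

# Ubuntu 16 image with Docker and preloaded containers.
ami_private_mapping = {
    "us-east-2": {"AMI": "ami-0255fb45a92df418d"},
}


def generate_template(service_name):
    """Build the lab's CloudFormation template and return it as a JSON string.

    The stack holds one VPC with a public and a private subnet, one EC2
    instance in each, two IAM roles with instance profiles, and an S3 bucket
    that receives a multi-region CloudTrail.

    Args:
        service_name: prefix used for logical IDs, Name tags and the IAM
            instance-profile names.

    Returns:
        The template as serialised by ``Template.to_json()``.

    NOTE(review): the template describes itself as an "AWS Exploitation Lab".
    The wide-open settings flagged below are presumably deliberate training
    targets; deploy this only in a disposable account and do not copy these
    settings into a production template.
    """
    t = Template()
    t.add_version('2010-09-09')
    t.add_description(
        " AWS CloudFormation Template for AWS Exploitation Lab ")

    t.add_mapping("PublicRegionMap", ami_public_mapping)
    t.add_mapping("PrivateRegionMap", ami_private_mapping)

    keyname_param = t.add_parameter(Parameter(
        'KeyName',
        ConstraintDescription='must be the name of an existing EC2 KeyPair.',
        Description=('Name of an existing EC2 KeyPair to enable SSH access to '
                     'the instance'),
        Type='AWS::EC2::KeyPair::KeyName',
    ))

    # The default admits SSH from any IPv4 address; pass a narrower CIDR when
    # creating the stack. The pattern only checks the x.x.x.x/x shape, so it
    # also accepts out-of-range values such as 999.999.999.999/99.
    sshlocation_param = t.add_parameter(Parameter(
        'SSHLocation',
        Description=(' The IP address range that can be used to SSH to the EC2 '
                     'instances'),
        Type='String',
        MinLength='9',
        MaxLength='18',
        Default='0.0.0.0/0',
        # Raw string: same pattern, without relying on Python passing unknown
        # backslash escapes through unchanged.
        AllowedPattern=r"(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})",
        ConstraintDescription=(
            "must be a valid IP CIDR range of the form x.x.x.x/x."),
    ))

    instanceType_param = t.add_parameter(Parameter(
        'InstanceType',
        Type='String',
        Description='WebServer EC2 instance type',
        Default='t2.micro',
        AllowedValues=[
            't2.micro', 't2.small', 't2.medium',
            'm3.medium', 'm3.large', 'm3.xlarge', 'm3.2xlarge',
        ],
        ConstraintDescription='must be a valid EC2 instance type.',
    ))

    ref_stack_id = Ref('AWS::StackId')

    def ec2_trust_policy():
        # Trust policy that lets the EC2 service assume the role.
        return awacs.aws.Policy(
            Statement=[
                awacs.aws.Statement(
                    Effect=awacs.aws.Allow,
                    Action=[awacs.aws.Action("sts", "AssumeRole")],
                    Principal=awacs.aws.Principal(
                        "Service", ["ec2.amazonaws.com"]),
                )
            ]
        )

    # Both roles carry the AWS-managed ReadOnlyAccess policy, i.e. read access
    # across the whole account for anything running on the instance.
    ec2_role = t.add_resource(Role(
        "%sEC2Role" % service_name,
        AssumeRolePolicyDocument=ec2_trust_policy(),
        ManagedPolicyArns=["arn:aws:iam::aws:policy/ReadOnlyAccess"],
    ))

    # ec2:CreateSnapshot plus ec2:ModifySnapshotAttribute on every resource.
    # ModifySnapshotAttribute controls who a snapshot is shared with, so
    # outside a lab this pairing is a data-exposure risk.
    # NOTE(review): presumably an intentional lab weakness -- do not reuse in
    # real roles, and alert on ModifySnapshotAttribute events in CloudTrail.
    ec2_snapshot_policy = Policy(
        PolicyName="EC2SnapshotPermissions",
        PolicyDocument=awacs.aws.Policy(
            Statement=[
                awacs.aws.Statement(
                    Sid="PermitEC2Snapshots",
                    Effect=awacs.aws.Allow,
                    Action=[
                        awacs.aws.Action("ec2", "CreateSnapshot"),
                        awacs.aws.Action("ec2", "ModifySnapshotAttribute"),
                    ],
                    Resource=["*"],
                )
            ]
        ),
    )

    priv_ec2_role = t.add_resource(Role(
        "%sPrivEC2Role" % service_name,
        AssumeRolePolicyDocument=ec2_trust_policy(),
        Policies=[ec2_snapshot_policy],
        ManagedPolicyArns=["arn:aws:iam::aws:policy/ReadOnlyAccess"],
    ))

    VPC_ref = t.add_resource(VPC(
        'VPC',
        CidrBlock='10.0.0.0/16',
        Tags=Tags(Application=ref_stack_id),
    ))

    # Instance-profile names are fixed per service_name and must be unique in
    # the account, so a second stack with the same prefix will collide.
    # NOTE(review): nothing in this function attaches "InstanceProfile" to an
    # instance -- confirm whether the public instance was meant to use it.
    t.add_resource(InstanceProfile(
        "InstanceProfile",
        InstanceProfileName="%sInstanceRole" % service_name,
        Roles=[Ref(ec2_role)],
    ))

    privInstanceProfile = t.add_resource(InstanceProfile(
        "PrivInstanceProfile",
        InstanceProfileName="%sPrivInstanceRole" % service_name,
        Roles=[Ref(priv_ec2_role)],
    ))

    public_subnet = t.add_resource(Subnet(
        '%sSubnetPublic' % service_name,
        MapPublicIpOnLaunch=True,
        CidrBlock='10.0.1.0/24',
        VpcId=Ref(VPC_ref),
        Tags=Tags(
            Application=ref_stack_id,
            Name="%sSubnet_public" % service_name),
    ))

    private_subnet = t.add_resource(Subnet(
        '%sSubnetPrivate' % service_name,
        MapPublicIpOnLaunch=False,
        CidrBlock='10.0.2.0/24',
        VpcId=Ref(VPC_ref),
        Tags=Tags(
            Application=ref_stack_id,
            Name="%sSubnet_private" % service_name),
    ))

    internetGateway = t.add_resource(InternetGateway(
        'InternetGateway',
        Tags=Tags(
            Application=ref_stack_id,
            Name="%sInternetGateway" % service_name),
    ))

    t.add_resource(VPCGatewayAttachment(
        'AttachGateway',
        VpcId=Ref(VPC_ref),
        InternetGatewayId=Ref(internetGateway),
    ))

    routeTable = t.add_resource(RouteTable(
        'RouteTable',
        VpcId=Ref(VPC_ref),
        Tags=Tags(
            Application=ref_stack_id,
            Name="%sRouteTable" % service_name),
    ))

    # Default route to the Internet gateway; it can only be created once the
    # gateway is attached to the VPC, hence the explicit DependsOn.
    t.add_resource(Route(
        'Route',
        DependsOn='AttachGateway',
        GatewayId=Ref(internetGateway),
        DestinationCidrBlock='0.0.0.0/0',
        RouteTableId=Ref(routeTable),
    ))

    # Only associate this route table with the public subnet. No route table
    # is associated with the private subnet in this function.
    t.add_resource(SubnetRouteTableAssociation(
        'SubnetRouteTableAssociation',
        SubnetId=Ref(public_subnet),
        RouteTableId=Ref(routeTable),
    ))

    def tcp_rule(from_port, to_port, cidr):
        # One TCP ingress rule for the shared security group.
        return SecurityGroupRule(
            IpProtocol='tcp',
            FromPort=from_port,
            ToPort=to_port,
            CidrIp=cidr)

    # One group is shared by both instances: SSH from SSHLocation, ports 80,
    # 1080 and 443 from anywhere, and every TCP port from 10.0.0.0/8 (wider
    # than the VPC's own 10.0.0.0/16).
    instanceSecurityGroup = t.add_resource(SecurityGroup(
        'InstanceSecurityGroup',
        GroupDescription='%sSecurityGroup' % service_name,
        SecurityGroupIngress=[
            tcp_rule('22', '22', Ref(sshlocation_param)),
            tcp_rule('80', '80', '0.0.0.0/0'),
            tcp_rule('1080', '1080', '0.0.0.0/0'),
            tcp_rule('443', '443', '0.0.0.0/0'),
            tcp_rule('0', '65535', "10.0.0.0/8"),
        ],
        VpcId=Ref(VPC_ref),
    ))

    public_instance = t.add_resource(Instance(
        "Public%sInstance" % service_name,
        ImageId=FindInMap("PublicRegionMap", Ref("AWS::Region"), "AMI"),
        InstanceType=Ref(instanceType_param),
        KeyName=Ref(keyname_param),
        NetworkInterfaces=[
            NetworkInterfaceProperty(
                GroupSet=[Ref(instanceSecurityGroup)],
                AssociatePublicIpAddress='true',
                DeviceIndex='0',
                DeleteOnTermination='true',
                SubnetId=Ref(public_subnet))],
        # User data is readable by anyone who can describe the instance or
        # reach its metadata service, so secrets placed in it are exposed.
        UserData=Base64(public_instance_userdata),
        Tags=Tags(
            Application=ref_stack_id,
            Name='%sPublicInstance' % service_name),
    ))

    t.add_resource(Instance(
        "Private%sInstance" % service_name,
        ImageId=FindInMap("PrivateRegionMap", Ref("AWS::Region"), "AMI"),
        InstanceType=Ref(instanceType_param),
        KeyName=Ref(keyname_param),
        NetworkInterfaces=[
            NetworkInterfaceProperty(
                GroupSet=[Ref(instanceSecurityGroup)],
                DeviceIndex='0',
                DeleteOnTermination='true',
                SubnetId=Ref(private_subnet))],
        UserData=Base64(private_instance_userdata),
        Tags=Tags(
            Application=ref_stack_id,
            Name='%sPrivateInstance' % service_name),
        # Ref on an instance profile resolves to its name, the same value the
        # literal "%sPrivInstanceRole" string gave, but it also makes
        # CloudFormation create the profile before launching the instance.
        IamInstanceProfile=Ref(privInstanceProfile),
    ))

    t.add_output([
        Output(
            "PublicIP",
            Description="IP Address of Public Instance",
            Value=GetAtt(public_instance, "PublicIp"),
        )
    ])

    # Set up S3 bucket and CloudTrail. The bucket is retained when the stack
    # is deleted, so the trail's logs outlive the lab.
    S3Bucket = t.add_resource(Bucket(
        "S3Bucket",
        DeletionPolicy="Retain",
    ))

    # Despite the Id, the statements below only let CloudTrail write objects
    # and read the bucket ACL; nothing here enforces server-side encryption.
    # NOTE(review): the PutObject grant has no Condition. For a non-lab trail,
    # consider requiring s3:x-amz-acl = bucket-owner-full-control and scoping
    # the grant to this trail with aws:SourceArn.
    cloudtrail_principal = ["cloudtrail.amazonaws.com"]
    S3PolicyDocument = awacs.aws.PolicyDocument(
        Id='EnforceServersideEncryption',
        Version='2012-10-17',
        Statement=[
            awacs.aws.Statement(
                Sid='PermitCTBucketPut',
                Action=[s3.PutObject],
                Effect=awacs.aws.Allow,
                Principal=awacs.aws.Principal(
                    "Service", cloudtrail_principal),
                Resource=[Join('', [s3.ARN(''), Ref(S3Bucket), "/*"])],
            ),
            awacs.aws.Statement(
                Sid='PermitCTBucketACLRead',
                Action=[s3.GetBucketAcl],
                Effect=awacs.aws.Allow,
                Principal=awacs.aws.Principal(
                    "Service", cloudtrail_principal),
                Resource=[Join('', [s3.ARN(''), Ref(S3Bucket)])],
            ),
        ]
    )

    t.add_resource(BucketPolicy(
        "BucketPolicy",
        PolicyDocument=S3PolicyDocument,
        Bucket=Ref(S3Bucket),
        DependsOn=[S3Bucket],
    ))

    # The trail waits for the bucket policy, which grants CloudTrail write
    # access to the bucket.
    t.add_resource(Trail(
        "CloudTrail",
        IsLogging=True,
        S3BucketName=Ref(S3Bucket),
        DependsOn=["BucketPolicy"],
        IsMultiRegionTrail=True,
        IncludeGlobalServiceEvents=True,
    ))
    return t.to_json()


def lambda_handler(event, context):
    """Generate the "bluelizard" lab template and write it to bh_template.json.

    Args:
        event: unused.
        context: unused.

    The file is written to the current working directory, replacing any
    existing bh_template.json.
    """
    service_name = "bluelizard"
    template = generate_template(service_name)
    outfile = "bh_template.json"
    # The context manager closes the file even if the write fails.
    with open(outfile, "w") as output:
        output.write(template)
    # Parenthesised form prints the same text on Python 2 and Python 3.
    print("Wrote to %s" % outfile)


# Runs on import as well as on direct execution: the template file is
# regenerated every time this module is loaded.
lambda_handler(None, None)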