diff --git a/README_Terraform.md b/README_Terraform.md index ebf36d20..b0ed4a62 100644 --- a/README_Terraform.md +++ b/README_Terraform.md @@ -7,8 +7,12 @@ ### Clone this repository: `git clone https://github.com/DShield-ISC/dshield` -### Change into the automation directory: -`cd dshield/terraform/` +### Change into the `cloud provider` automation directory of choice: +- To deploy honeypots using AWS' infrastructure: + - `cd dshield/terraform/aws/` + +- To deploy honeypots using Microsoft Azure's infrastructure: + - `cd dshield/terraform/azure/` ### Adjust the required and optional variables to reflect the environment: ` variables.tf ` @@ -18,14 +22,20 @@ - **dshield_email** - **dshield_apikey** - **dshield_userid** -- **aws_ssh_key_pub** -- **aws_ssh_key_priv** -- **aws_credentials** +- **aws_ssh_key_pub** _OR_ **azure_ssh_key_pub** _depending on provider_ +- **aws_ssh_key_priv** _OR_ **azure_ssh_key_priv** _depending on provider_ +- **aws_credentials** _if using **AWS**_ +- **azure_tenant_id** _if using **Azure Service Principal**_ +- **azure_subscription_id** _if using **Azure Service Principal**_ +- **azure_client_id** _if using **Azure Service Principal**_ +- **azure_client_secret** _if using **Azure Service Principal**_ ### Optional variables: - **honeypot_nodes** (default: `1` *increase to scale horizontally*) -- **aws_region** (default: `us-east-1`) -- **aws_ec2_size** (default: `t2.micro`) +- **aws_region** (default: `us-east-1`) _if using **AWS**_ +- **aws_ec2_size** (default: `t2.micro`) _if using **AWS**_ +- **azure_region** (default: `East US`) _if using **Azure**_ +- **azure_image_size** (default: `Standard_B1ls`) _if using **Azure**_ - **honeypot_network** (default: `10.40.0.0/16` for VPC & `10.40.0.0/24` for SG) - **honeypot_ssh_port** (default: `12222`) - **dshield_ca_country** (default: `US`) @@ -38,6 +48,8 @@ - AWS credentials are contained in the default location: - `~/.aws/credentials` +- Azure credentials are successfully validated using `az login` prior to plan/apply + - SSH credentials are contained in the default location: - `~/.ssh/id_rsa` - `~/.ssh/id_rsa.pub` diff --git a/terraform/scripts/install_reqs.sh b/terraform/scripts/install_reqs.sh index c66e140e..22b381a7 100644 --- a/terraform/scripts/install_reqs.sh +++ b/terraform/scripts/install_reqs.sh @@ -1,11 +1,11 @@ #! /bin/bash -sudo apt update && \ -sudo apt full-upgrade -y && \ -#sudo apt install python3.7 -y && \ -#sudo update-alternatives --set python /usr/bin/python3.7 && \ -#sudo apt update && \ -#curl https://bootstrap.pypa.io/pip/2.7/get-pip.py --output get-pip2.py && \ -#curl https://bootstrap.pypa.io/pip/get-pip.py --output get-pip3.py && \ -#sudo python2 get-pip2.py && \ -#sudo python3 get-pip3.py && \ +sudo tee /etc/apt/apt.conf.d/00-local << EOF +Dpkg::Options { + "--force-confdef"; + "--force-confold"; +} +EOF +export DEBIAN_FRONTEND=noninteractive && \ +sudo -E apt update && \ +sudo -E apt full-upgrade -y && \ sudo systemctl restart sshd diff --git a/terraform/templates/dshield_ini.tpl b/terraform/templates/dshield_ini.tpl index 19178508..511bc2d9 100644 --- a/terraform/templates/dshield_ini.tpl +++ b/terraform/templates/dshield_ini.tpl @@ -1,6 +1,6 @@ [DShield] interface=eth0 -version=91 +version=93 email=${dshield_email} userid=${dshield_userid} apikey=${dshield_apikey}