Move to subfolder & adapt paths

cloud/open-telekom-cloud/.ecs_settings.sh

@@ -0,0 +1,15 @@
+# Set password for user linux
+linuxpass=LiNuXuSeRPaSs#
+
+# Custom EWS config
+custom_ews=false
+
+# Set ECS related stuff
+instance=s2.medium.8
+imagename=Standard_Debian_9_latest
+subnet=your-subnet
+vpcname=your-vpc
+secgroup=your-sg
+keyname=your-KeyPair
+disksize=128
+az=eu-de-03

cloud/open-telekom-cloud/.gitignore

@@ -0,0 +1,11 @@
+# Ansible
+*.retry
+
+# Generated hosts
+hosts/
+
+# Cloned git repository
+otc-tools/
+
+# All log files
+*.log

cloud/open-telekom-cloud/.hpfeeds_settings.sh

@@ -0,0 +1,8 @@
+myENABLE=false
+myHOST=host
+myPORT=port
+myCHANNEL=channels
+myIDENT=user
+mySECRET=secret
+myCERT=false
+myFORMAT=json

cloud/open-telekom-cloud/.otc_env.sh

@@ -0,0 +1,5 @@
+export OS_USERNAME=your_api_user
+export OS_PASSWORD=your_password
+export OS_USER_DOMAIN_NAME=OTC-EU-DE-000000000010000XXXXX
+export OS_PROJECT_NAME=eu-de_your_project
+export OS_AUTH_URL=https://iam.eu-de.otc.t-systems.com/v3

cloud/open-telekom-cloud/README.md

@@ -0,0 +1,227 @@
+# Ansible T-Pot Deployment on Open Telekom Cloud :cloud:
+
+Here you can find a ready-to-use solution for your automated T-Pot deployment using [Ansible](https://www.ansible.com/).  
+It consists of multiple Ansible Playbooks, which can be reused across all Cloud Providers (like AWS, Azure, Digital Ocean).  
+This example showcases the deployment on our own Public Cloud Offering [Open Telekom Cloud](https://open-telekom-cloud.com/en).
+
+# Table of contents
+- [Installation of Ansible Master](#installation)
+  - [Packages](#packages)
+  - [Agent Forwarding](#agent-forwarding)
+- [Preparations in Open Telekom Cloud Console](#preparation)
+  - [Create new project](#project)
+  - [Create API user](#api-user)
+  - [Import Key Pair](#key-pair)
+  - [Create VPC, Subnet and Security Group](#vpc-subnet-securitygroup)
+- [Clone Git Repository](#clone-git)
+- [Settings and recommended values](#settings)
+  - [Configure `.otc_env.sh`](#otc-env)
+  - [Configure `.ecs_settings.sh`](#ecs-settings)
+  - [Configure `tpot.conf.dist`](#tpot-conf)
+  - [Optional: Custom `ews.cfg`](#ews-cfg)
+  - [Optional: Configure `.hpfeeds_settings.sh`](#hpfeeds)
+- [Deploying a T-Pot](#deploy)
+- [Further documentation](#documentation)
+
+<a name="installation"></a>
+# Installation of Ansible Master
+You can either run the deploy script locally on your Linux or MacOS machine or you can use an ECS (Elastic Cloud Server) on Open Telekom Cloud, which I did.  
+I used Ubuntu 18.04 for my Ansible Master Server, but other OSes are fine too.  
+Ansible works over the SSH Port, so you don't have to add any special rules to you Security Group.
+
+<a name="packages"></a>
+## Packages
+At first we need to add the repository and install Ansible:  
+`sudo apt-add-repository --yes --update ppa:ansible/ansible`  
+`sudo apt install ansible`
+
+Also we need **pwegen** (for creating T-Pot names) and **jq** (a JSON processor):  
+`sudo apt install pwgen jq`
+
+<a name="agent-forwarding"></a>
+## Agent Forwarding
+Agent forwarding must be enabled in order to let Ansible do its work.  
+- On Linux or MacOS:  
+  - Create or edit `~/.ssh/config`
+  - If you execute the script remotely on your Ansible Master Server:
+    ```
+    Host ANSIBLE_MASTER_IP
+    ForwardAgent yes
+    ```
+  - If you execute the script locally, enable it for all Hosts, as this includes newly generated T-Pots:
+    ```
+    Host *
+    ForwardAgent yes
+    ```
+- On Windows using Putty:  
+![Putty Agent Forwarding](doc/putty_agent_forwarding.png)
+
+<a name="preparation"></a>
+# Preparations in Open Telekom Cloud Console
+(You can skip this if you have already set up an API account, VPC and ...)  
+(Just make sure you know the naming for everything, as you will need it to configure the script.)
+
+Before we can start deploying, we have to prepare the Open Telekom Cloud Tennant.  
+For that, go to the [Web Console](https://auth.otc.t-systems.com/authui/login) and log in with an admin user.
+
+<a name="project"></a>
+## Create new project
+I strongly advise you, to create a separate project for the T-Pots in your tennant.  
+In my case I named it `tpot`.
+
+![Create new project](doc/otc_1_project.gif)
+
+<a name="api-user"></a>
+## Create API user
+The next step is to create a new user account, which is restricted to the project.  
+This ensures that the API access is limited to that project.
+
+![Create API user](doc/otc_2_user.gif)
+
+<a name="key-pair"></a>
+## Import Key Pair
+:warning: Now log in with the newly created user account and select your project.
+
+![Login as API user](doc/otc_3_login.gif)
+
+
+Import your SSH public key.
+
+![Import SSH Public Key](doc/otc_4_import_key.gif)
+
+<a name="vpc-subnet-securitygroup"></a>
+## Create VPC, Subnet and Security Group
+- VPC (Virtual Private Cloud) and Subnet:
+
+![Create VPC and Subnet](doc/otc_5_vpc_subnet.gif)
+
+- Security Group:  
+The configured Security Group should allow all incoming TCP / UDP traffic.  
+If you want to secure the management interfaces, you can limit the incoming "allow all" traffic to the port range of 1-64000 and allow access to ports > 64000 only from your trusted IPs.
+
+![Create Security Group](doc/otc_6_sec_group.gif)
+
+<a name="clone-git"></a>
+# Clone Git Repository
+Clone the `tpotce` repository to your Ansible Master:  
+`git clone https://github.com/dtag-dev-sec/tpotce.git`  
+All Ansible and automatic deployment related files are located in the [`cloud`](../cloud) folder.
+
+<a name="settings"></a>
+# Settings and recommended values
+You can configure all aspects of your ECS and T-Pot before using the script.  
+The settings are located in the following files:
+
+<a name="otc-env"></a>
+## Configure `.otc_env.sh`
+Enter your Open Telekom Cloud API user credentials here (username, password, tennant-ID, project name):  
+```
+export OS_USERNAME=your_api_user
+export OS_PASSWORD=your_password
+export OS_USER_DOMAIN_NAME=OTC-EU-DE-000000000010000XXXXX
+export OS_PROJECT_NAME=eu-de_your_project
+export OS_AUTH_URL=https://iam.eu-de.otc.t-systems.com/v3
+```
+
+<a name="ecs-settings"></a>
+## Configure `.ecs_settings.sh`
+Here you can customize your Elastic Cloud Server (ECS):
+  - Password for the user `linux` (**you should definitely change that**)
+  - (Optional) For using a custom `ews.cfg` set to `true`; See here: [Optional: Custom `ews.cfg`](#ews-cfg)
+  - (Optional) Change the instance type (flavor) of the ECS.  
+    `s2.medium.8` corresponds to 1 vCPU and 8GB of RAM and is the minimum required flavor.  
+    A full list of flavors can be found [here](https://docs.otc.t-systems.com/en-us/usermanual/ecs/en-us_topic_0035470096.html).
+  - Change the OS (Don't touch; for T-Pot we need Debian 9)
+  - Specify the VPC, Subnet, Security Group and Key Pair you created before
+  - (Optional) Change the disk size
+  - You can choose from multiple Availibility Zones (AZ). For reference see [here](https://docs.otc.t-systems.com/en-us/endpoint/index.html).
+
+```
+# Set password for user linux
+linuxpass=LiNuXuSeRPaSs#
+
+# Custom EWS config
+custom_ews=false
+
+# Set ECS related stuff
+instance=s2.medium.8
+imagename=Standard_Debian_9_latest
+subnet=your-subnet
+vpcname=your-vpc
+secgroup=your-sg
+keyname=your-KeyPair
+disksize=128
+az=eu-de-03
+```
+
+<a name="tpot-conf"></a>
+## Configure `tpot.conf.dist`
+The file is located in [`iso/installer/tpot.conf.dist`](../../iso/installer/tpot.conf.dist).  
+Here you can choose:
+  - between the various T-Pot editions
+  - a username for the web interface
+  - a password for the web interface (**you should definitely change that**)
+
+```
+# tpot configuration file
+# myCONF_TPOT_FLAVOR=[STANDARD, SENSOR, INDUSTRIAL, COLLECTOR, NEXTGEN, LEGACY]
+myCONF_TPOT_FLAVOR='STANDARD'
+myCONF_WEB_USER='webuser'
+myCONF_WEB_PW='w3b$ecret'
+```
+
+<a name="ews-cfg"></a>
+## Optional: Custom `ews.cfg`
+To enable this feature, set `custom_ews=true` in `.ecs_settings.sh`; See here:  [Configure `.ecs_settings.sh`](#ecs-settings)  
+
+Here you can create a custom config file for `ewsposter`.  
+e.g. when you have your own credentials for delivering data to our [Sicherheitstacho](https://sicherheitstacho.eu/start/main).  
+You can find the `ews.cfg` template file here: [`ansible/roles/custom_ews/templates/ews.cfg`](ansible/roles/custom_ews/templates/ews.cfg) and adapt it for your needs.
+
+For setting custom credentials, these settings would be relevant for you (the rest of the file can stay as is):  
+```
+[MAIN]
+...
+contact = your_email_address
+...
+
+[EWS]
+...
+username = your_username
+token = your_token
+...
+```
+
+<a name="hpfeeds"></a>
+## Optional: Configure `.hpfeeds_settings.sh`
+When the `custom_ews=true` setting is set in`.ecs_settings.sh` (see here:  [Configure `.ecs_settings.sh`](#ecs-settings)), you can also specify custom HPFEEDS in `.hpfeeds_settings.sh`.  
+e.g. for SISSDEN: 
+```
+myENABLE=true
+myHOST=hpfeeds.sissden.eu
+myPORT=10000
+myCHANNEL=t-pot.events
+myIDENT=your_user
+mySECRET=your_secret
+myCERT=/opt/ewsposter/sissden.pem
+myFORMAT=json
+```
+
+<a name="deploy"></a>
+# Deploying a T-Pot :honey_pot::honeybee:
+Now, after configuring everything, we can finally start deploying T-Pots:  
+`./deploy_ansible_otc_t-pot.sh`  
+(Yes, it is as easy as that :smile:)
+
+The script will first create an Open Telekom Cloud ECS via the API.  
+After that, the Ansible Playbooks are executed on the newly created Host to install the T-Pot and configure everything.
+
+You can see the progress of every step in the console output.  
+If something should go wrong, you will be provided with an according error message, that you can hopefully act upon and retry.
+
+<a name="documentation"></a>
+# Further documentation
+- [Ansible Documentation](https://docs.ansible.com/ansible/latest/)
+- [Open Telekom Cloud Help Center](https://docs.otc.t-systems.com/)
+- [Open Telekom Cloud API Overview](https://docs.otc.t-systems.com/en-us/api/wp/en-us_topic_0052070394.html)
+- [otc-tools](https://github.com/OpenTelekomCloud/otc-tools) on GitHub

cloud/open-telekom-cloud/ansible/custom_ews.yaml

@@ -0,0 +1,10 @@
+# This playbook sets a custom EWS config on the T-Pot
+
+- hosts: TPOT
+  remote_user: linux
+  become: yes
+  become_user: root
+  become_method: sudo
+
+  roles:
+    - custom_ews

cloud/open-telekom-cloud/ansible/install.yaml

@@ -0,0 +1,13 @@
+# This playbook deploys a T-Pot
+
+- hosts: TPOT
+  remote_user: linux
+  become: yes
+  become_user: root
+  become_method: sudo
+  gather_facts: no
+
+  roles:
+    - install
+
+

cloud/open-telekom-cloud/ansible/reboot.yaml

@@ -0,0 +1,12 @@
+# This playbook reboots a T-Pot
+
+- hosts: TPOT
+  remote_user: linux
+  become: yes
+  become_user: root
+  become_method: sudo
+
+  tasks:
+    - name: Finally rebooting t-pot in one minute - make sure your next login is on port 64295 or via https:// on port 64297
+      shell: /sbin/shutdown -r -t 1
+      become: true

cloud/open-telekom-cloud/ansible/roles/custom_ews/tasks/main.yaml

@@ -0,0 +1,40 @@
+- name: Copy ews configuration file
+  template:
+    src: ../templates/ews.cfg
+    dest: /data/ews/conf
+    owner: root
+    group: root
+    mode: 0644
+
+- name: Patching tpot.yml with custom ews configuration file
+  lineinfile:
+    path: /opt/tpot/etc/tpot.yml
+    insertafter: '/opt/ewsposter/ews.ip'
+    line: '     - /data/ews/conf/ews.cfg:/opt/ewsposter/ews.cfg'
+
+- name: Lookup HPFEED environment variables
+  set_fact:
+    myENABLE: "{{ lookup('env', 'myENABLE') }}"
+    myHOST: "{{ lookup('env', 'myHOST') }}"
+    myPORT: "{{ lookup('env', 'myPORT') }}"
+    myCHANNEL: "{{ lookup('env', 'myCHANNEL') }}"
+    myIDENT: "{{ lookup('env', 'myIDENT') }}"
+    mySECRET: "{{ lookup('env', 'mySECRET') }}"
+    myCERT: "{{ lookup('env', 'myCERT') }}"
+    myFORMAT: "{{ lookup('env', 'myFORMAT') }}"
+
+- name: Apply HPFEED settings in tpot.yml
+  lineinfile:
+    path: /opt/tpot/etc/tpot.yml
+    regexp: "{{ item.regexp }}"
+    line: "{{ item.line }}"
+  with_items:
+    - { regexp: 'EWS_HPFEEDS_ENABLE.*', line: '     - EWS_HPFEEDS_ENABLE={{ myENABLE | lower }}' }
+    - { regexp: 'EWS_HPFEEDS_HOST.*', line: '     - EWS_HPFEEDS_HOST={{ myHOST }}' }
+    - { regexp: 'EWS_HPFEEDS_PORT.*', line: '     - EWS_HPFEEDS_PORT={{ myPORT }}' }
+    - { regexp: 'EWS_HPFEEDS_CHANNELS.*', line: '     - EWS_HPFEEDS_CHANNELS={{ myCHANNEL }}' }
+    - { regexp: 'EWS_HPFEEDS_IDENT.*', line: '     - EWS_HPFEEDS_IDENT={{ myIDENT }}' }
+    - { regexp: 'EWS_HPFEEDS_SECRET.*', line: '     - EWS_HPFEEDS_SECRET={{ mySECRET }}' }
+    - { regexp: 'EWS_HPFEEDS_TLSCERT.*', line: '     - EWS_HPFEEDS_TLSCERT={{ myCERT }}' }
+    - { regexp: 'EWS_HPFEEDS_TLSCERT.False', line: '     - EWS_HPFEEDS_TLSCERT={{ myCERT | lower }}' }
+    - { regexp: 'EWS_HPFEEDS_FORMAT.*', line: '     - EWS_HPFEEDS_FORMAT={{ myFORMAT }}' }

cloud/open-telekom-cloud/ansible/roles/custom_ews/templates/ews.cfg

@@ -0,0 +1,137 @@
+[MAIN]
+homedir = /opt/ewsposter/
+spooldir = /opt/ewsposter/spool/
+logdir = /opt/ewsposter/log/
+del_malware_after_send = false
+send_malware = true
+sendlimit = 500
+contact = your_email_address
+proxy =
+ip =
+
+[EWS]
+ews = true
+username = your_username
+token = your_token
+rhost_first = https://community.sicherheitstacho.eu/ews-0.1/alert/postSimpleMessage
+rhost_second = https://community.sicherheitstacho.eu/ews-0.1/alert/postSimpleMessage
+ignorecert = false
+
+[HPFEED]
+hpfeed = %(EWS_HPFEEDS_ENABLE)s
+host = %(EWS_HPFEEDS_HOST)s
+port = %(EWS_HPFEEDS_PORT)s
+channels = %(EWS_HPFEEDS_CHANNELS)s
+ident = %(EWS_HPFEEDS_IDENT)s
+secret= %(EWS_HPFEEDS_SECRET)s
+# path/to/certificate for tls broker - or "false" for non-tls broker
+tlscert = %(EWS_HPFEEDS_TLSCERT)s
+# hpfeeds submission format: "ews" (xml) or "json"
+hpfformat = %(EWS_HPFEEDS_FORMAT)s
+
+[EWSJSON]
+json = false
+jsondir = /data/ews/json/
+
+[GLASTOPFV3]
+glastopfv3 = true
+nodeid = glastopfv3-{{ HPNAME }}
+sqlitedb = /data/glastopf/db/glastopf.db
+malwaredir = /data/glastopf/data/files/
+
+[GLASTOPFV2]
+glastopfv2 = false
+nodeid =
+mysqlhost =
+mysqldb =
+mysqluser =
+mysqlpw =
+malwaredir =
+
+[KIPPO]
+kippo = false
+nodeid =
+mysqlhost =
+mysqldb =
+mysqluser =
+mysqlpw =
+malwaredir =
+
+[COWRIE]
+cowrie = true
+nodeid = cowrie-{{ HPNAME }}
+logfile = /data/cowrie/log/cowrie.json
+
+[DIONAEA]
+dionaea = true
+nodeid = dionaea-{{ HPNAME }}
+malwaredir = /data/dionaea/binaries/
+sqlitedb = /data/dionaea/log/dionaea.sqlite
+
+[HONEYTRAP]
+honeytrap = true
+nodeid = honeytrap-{{ HPNAME }}
+newversion = true
+payloaddir = /data/honeytrap/attacks/
+attackerfile = /data/honeytrap/log/attacker.log
+
+[RDPDETECT]
+rdpdetect = false
+nodeid =
+iptableslog =
+targetip =
+
+[EMOBILITY]
+eMobility = false
+nodeid = emobility-{{ HPNAME }}
+logfile = /data/emobility/log/centralsystemEWS.log
+
+[CONPOT]
+conpot = true
+nodeid = conpot-{{ HPNAME }}
+logfile = /data/conpot/log/conpot*.json
+
+[ELASTICPOT]
+elasticpot = true
+nodeid = elasticpot-{{ HPNAME }}
+logfile = /data/elasticpot/log/elasticpot.log
+
+[SURICATA]
+suricata = true
+nodeid = suricata-{{ HPNAME }}
+logfile = /data/suricata/log/eve.json
+
+[MAILONEY]
+mailoney = true
+nodeid = mailoney-{{ HPNAME }}
+logfile = /data/mailoney/log/commands.log
+
+[RDPY]
+rdpy = true
+nodeid = rdpy-{{ HPNAME }}
+logfile = /data/rdpy/log/rdpy.log
+
+[VNCLOWPOT]
+vnclowpot = true
+nodeid = vnclowpot-{{ HPNAME }}
+logfile = /data/vnclowpot/log/vnclowpot.log
+
+[HERALDING]
+heralding = true
+nodeid = heralding-{{ HPNAME }}
+logfile = /data/heralding/log/auth.csv
+
+[CISCOASA]
+ciscoasa = true
+nodeid = ciscoasa-{{ HPNAME }}
+logfile = /data/ciscoasa/log/ciscoasa.log
+
+[TANNER]
+tanner = true
+nodeid = tanner-{{ HPNAME }}
+logfile = /data/tanner/log/tanner_report.json
+
+[GLUTTON]
+glutton = true
+nodeid = glutton-{{ HPNAME }}
+logfile = /data/glutton/log/glutton.log

cloud/open-telekom-cloud/ansible/roles/install/tasks/main.yaml

@@ -0,0 +1,50 @@
+- name: Waiting for SSH connection
+  wait_for_connection:
+    delay: 30
+    timeout: 300
+
+- name: Gathering Facts
+  setup:
+
+- name: Cloning t-pot install directory
+  git:
+    repo: 'https://github.com/dtag-dev-sec/tpotce.git'
+    dest: /root/tpot
+
+- name: Prepare to set user password 
+  set_fact:
+    user_password: "{{ lookup('env', 'LINUX_PASS') }}"
+    user_salt: 's0mew1ck3dTpoT'
+
+- name: Changing password for user linux to {{ user_password }}
+  user:
+   name: "linux"
+   password: "{{ user_password | password_hash('sha512', user_salt) }}"
+   state: present
+   shell: /bin/bash
+   update_password: always
+
+- name: Copy t-pot configuration file
+  template:
+    src: ../../../../../../iso/installer/tpot.conf.dist
+    dest: /root/tpot.conf
+    owner: root
+    group: root
+    mode: 0644
+
+- name: Install t-pot on ECS -  be patient, this might take 15 to 30 minutes depending on the connection speed. No further output is given. 
+  command: /root/tpot/iso/installer/install.sh --type=auto --conf=/root/tpot.conf
+
+- name: Delete t-pot configuration file
+  file:
+    path: /root/tpot.conf
+    state: absent
+
+- name: Change unattended-upgrades to take default action
+  blockinfile:
+    dest: /etc/apt/apt.conf.d/50unattended-upgrades
+    block: |
+      Dpkg::Options {
+        "--force-confdef";
+        "--force-confold";
+      }

cloud/open-telekom-cloud/deploy_ansible_otc_t-pot.sh

@@ -0,0 +1,133 @@
+#!/bin/bash
+
+# Check if required packages are installed
+if ! hash ansible 2>/dev/null; then
+    echo "### Package 'ansible' is missing. Please install it with:"
+    echo "    sudo apt-add-repository --yes --update ppa:ansible/ansible"
+    echo "    sudo apt install ansible"
+    exit 1
+fi
+
+if ! hash pwgen 2>/dev/null; then
+    echo "### Package 'pwgen' is missing. Please install it with:"
+    echo "    sudo apt install pwgen"
+    exit 1
+fi
+
+if ! hash jq 2>/dev/null; then
+    echo "### Package 'jq' is missing. Please install it with:"
+    echo "    sudo apt install jq"
+    exit 1
+fi
+
+# Check for Agent Forwarding
+if ! printenv | grep SSH_AUTH_SOCK > /dev/null; then
+    echo "### Agent forwarding seems to be disabled."
+    echo "### In order to let Ansible do its work, please enable it."
+    exit 1
+fi
+
+# Import ECS settings
+source .ecs_settings.sh
+
+# Import OTC authentication credentials
+source .otc_env.sh
+
+# Import HPFEED settings
+source .hpfeeds_settings.sh
+
+# Password is later used by Ansible
+export LINUX_PASS=$linuxpass
+
+# HPFEED settings are later used by Ansible
+export myENABLE=$myENABLE
+export myHOST=$myHOST
+export myPORT=$myPORT
+export myCHANNEL=$myCHANNEL
+export myIDENT=$myIDENT
+export mySECRET=$mySECRET
+export myCERT=$myCERT
+export myFORMAT=$myFORMAT
+
+# Ignore ssh host keys as they are new anyway
+export ANSIBLE_HOST_KEY_CHECKING=False
+
+# Create hosts directory
+mkdir -p hosts
+
+# Create random ID
+HPNAME=t-pot-otc-$(pwgen -ns 6 -1)
+
+# Get otc-tools
+echo "### Cloning otc-tools..."
+git clone https://github.com/OpenTelekomCloud/otc-tools.git  2>/dev/null
+
+# Create ECS via OTC API
+echo "### Creating new ECS host via OTC API..."
+./otc-tools/otc.sh ecs create \
+    --instance-type       $instance\
+    --instance-name       $HPNAME\
+    --image-name          $imagename\
+    --subnet-name         $subnet\
+    --vpc-name            $vpcname\
+    --security-group-name $secgroup\
+    --admin-pass          $linuxpass\
+    --key-name            $keyname\
+    --public              true\
+    --disksize            $disksize\
+    --disktype            SATA\
+    --az	          $az\
+    --wait \
+2> otc_tools.log
+
+if [ $? -eq 0 ]; then
+
+    if [ "$(uname)" == "Darwin" ]; then
+        PUBIP=$(./otc-tools/otc.sh ecs list 2>/dev/null | grep $HPNAME|cut -d "," -f2 |cut -d "\"" -f 2)
+    else
+        PUBIP=$(./otc-tools/otc.sh ecs list 2>/dev/null | grep $HPNAME|cut -d " " -f17)
+    fi
+
+    echo "[TPOT]" > ./hosts/$HPNAME
+    echo $PUBIP  HPNAME=$HPNAME>> ./hosts/$HPNAME
+    echo "### NEW HOST $HPNAME ON IP $PUBIP"
+
+    ansible-playbook -i ./hosts/$HPNAME ./ansible/install.yaml
+
+    if [ $custom_ews = true ]; then
+
+        ansible-playbook -i ./hosts/$HPNAME ./ansible/custom_ews.yaml
+
+    fi
+
+    ansible-playbook -i ./hosts/$HPNAME ./ansible/reboot.yaml
+
+    echo "***********************************************"
+    echo "*****        SSH TO TARGET: "
+    echo "*****        ssh linux@$PUBIP -p 64295"
+    echo "***********************************************"
+
+else
+
+    if grep 'Flavor' otc_tools.log > /dev/null; then
+        echo "### Specified ECS Flavor not found"
+    elif grep 'No image found by name' otc_tools.log > /dev/null; then
+        echo "### Specified Image not found"
+    elif grep 'No subnet found by name' otc_tools.log > /dev/null; then
+        echo "### Specified Subnet not found"
+    elif grep 'No VPC found by name' otc_tools.log > /dev/null; then
+        echo "### Specified VPC not found"
+    elif grep 'No security-group found by name' otc_tools.log > /dev/null; then
+        echo "### Specified Security Group not found"
+    elif grep 'Invalid key_name provided' otc_tools.log > /dev/null; then
+        echo "### Specified Key Pair not found"
+    elif grep 'availability_zone' otc_tools.log > /dev/null; then
+        echo "### Specified Availability Zone not found"
+    elif grep 'quota' otc_tools.log > /dev/null; then
+        echo "### Quota exceeded. Please check your available quotas online"
+        echo "### You can either delete unused resources or apply for a higher quota"
+    fi
+
+    echo "### ECS creation unsuccessful. Aborting..."
+
+fi