Make a template for deploying T-Pot in multiple regions using terraform

2025-07-02 01:27:27 -04:00 · 2022-02-07 11:18:07 +00:00
parent 22bfb69f28
commit 83530588d0
8 changed files with 209 additions and 0 deletions
--- a/cloud/terraform/aws_multi_region/modules/multi-region/main.tf
+++ b/cloud/terraform/aws_multi_region/modules/multi-region/main.tf
@ -0,0 +1,69 @@
+variable "ec2_vpc_id" {}
+variable "ec2_subnet_id" {}
+variable "ec2_region" {}
+variable "linux_password" {}
+variable "web_password" {}
+variable "tpot_name" {}
+
+resource "aws_security_group" "tpot" {
+  name        = "T-Pot"
+  description = "T-Pot Honeypot"
+  vpc_id      = var.ec2_vpc_id
+  ingress {
+    from_port   = 0
+    to_port     = 64000
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+  ingress {
+    from_port   = 0
+    to_port     = 64000
+    protocol    = "udp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+  ingress {
+    from_port   = 64294
+    to_port     = 64294
+    protocol    = "tcp"
+    cidr_blocks = var.admin_ip
+  }
+  ingress {
+    from_port   = 64295
+    to_port     = 64295
+    protocol    = "tcp"
+    cidr_blocks = var.admin_ip
+  }
+  ingress {
+    from_port   = 64297
+    to_port     = 64297
+    protocol    = "tcp"
+    cidr_blocks = var.admin_ip
+  }
+  egress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+  tags = {
+    Name = "T-Pot"
+  }
+}
+
+resource "aws_instance" "tpot" {
+  ami           = var.ec2_ami[var.ec2_region]
+  instance_type = var.ec2_instance_type
+  key_name      = var.ec2_ssh_key_name
+  subnet_id     = var.ec2_subnet_id
+  tags = {
+    Name = var.tpot_name
+  }
+  root_block_device {
+    volume_type           = "gp2"
+    volume_size           = 128
+    delete_on_termination = true
+  }
+  user_data                   = templatefile("../cloud-init.yaml", { timezone = var.timezone, password = var.linux_password, tpot_flavor = var.tpot_flavor, web_user = var.web_user, web_password = var.web_password })
+  vpc_security_group_ids      = [aws_security_group.tpot.id]
+  associate_public_ip_address = true
+}
--- a/cloud/terraform/aws_multi_region/modules/multi-region/outputs.tf
+++ b/cloud/terraform/aws_multi_region/modules/multi-region/outputs.tf
@ -0,0 +1,12 @@
+output "Admin_UI" {
+  value = "https://${aws_instance.tpot.public_dns}:64294/"
+}
+
+output "SSH_Access" {
+  value = "ssh -i {private_key_file} -p 64295 admin@${aws_instance.tpot.public_dns}"
+}
+
+output "Web_UI" {
+  value = "https://${aws_instance.tpot.public_dns}:64297/"
+}
+
--- a/cloud/terraform/aws_multi_region/modules/multi-region/variables.tf
+++ b/cloud/terraform/aws_multi_region/modules/multi-region/variables.tf
@ -0,0 +1,57 @@
+variable "admin_ip" {
+  default     = ["152.37.108.93/32"]
+  description = "admin IP addresses in CIDR format"
+}
+
+variable "ec2_ssh_key_name" {
+  default = "default"
+}
+
+# https://aws.amazon.com/ec2/instance-types/
+variable "ec2_instance_type" {
+  default = "t3.xlarge"
+}
+
+# Refer to https://wiki.debian.org/Cloud/AmazonEC2Image/Buster
+variable "ec2_ami" {
+  type = map(string)
+  default = {
+    "af-south-1"     = "ami-0272d4f5fb1b98a0d"
+    "ap-east-1"      = "ami-00d242e2f23abf6d2"
+    "ap-northeast-1" = "ami-001c6b4d627e8be53"
+    "ap-northeast-2" = "ami-0d841ed4bf80e764c"
+    "ap-northeast-3" = "ami-01b0a01d770321320"
+    "ap-south-1"     = "ami-04ba7e5bd7c6f6929"
+    "ap-southeast-1" = "ami-0dca3eabb09c32ae2"
+    "ap-southeast-2" = "ami-03ff8684dc585ddae"
+    "ca-central-1"   = "ami-08af22d7c0382fd83"
+    "eu-central-1"   = "ami-0f41e297b3c53fab8"
+    "eu-north-1"     = "ami-0bbc6a00971c77d6d"
+    "eu-south-1"     = "ami-03ff8684dc585ddae"
+    "eu-west-1"      = "ami-080684ad73d431a05"
+    "eu-west-2"      = "ami-04b259723891dfc53"
+    "eu-west-3"      = "ami-00662eead74f66895"
+    "me-south-1"     = "ami-021a6c6047091ab5b"
+    "sa-east-1"      = "ami-0aac091cce68a049c"
+    "us-east-1"      = "ami-05ad4ed7f9c48178b"
+    "us-east-2"      = "ami-07640f3f27c0ad3d3"
+    "us-west-1"      = "ami-0c053f1d5f22eb09f"
+    "us-west-2"      = "ami-090cd3aed687b1ee1"
+  }
+}
+
+## cloud-init configuration ##
+variable "timezone" {
+  default = "UTC"
+}
+
+## These will go in the generated tpot.conf file ##
+variable "tpot_flavor" {
+  default     = "STANDARD"
+  description = "Specify your tpot flavor [STANDARD, SENSOR, INDUSTRIAL, COLLECTOR, NEXTGEN, MEDICAL]"
+}
+
+variable "web_user" {
+  default     = "webuser"
+  description = "Set a username for the web user"
+}
--- a/cloud/terraform/aws_multi_region/modules/multi-region/versions.tf
+++ b/cloud/terraform/aws_multi_region/modules/multi-region/versions.tf
@ -0,0 +1,9 @@
+terraform {
+  required_version = ">= 0.13"
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "3.72.0"
+    }
+  }
+}