tpotce/cloud/terraform
Sebastian Haderecker 78587cb85c
Update README.md
2020-03-27 08:45:35 +01:00

T-Pot Terraform

This Terraform configuration can be used to provision a T-Pot instance in AWS in addition to all of the necessary pre-requisites. Specifically, the following resources will be created:

  • EC2 instance:
    • t3.large (2 vCPU, 8 GiB RAM)
    • 128GB disk
    • Debian Stretch (The T-Pot installation script will then upgrade this to Debian Sid)
  • AWS Security Group:
    • TCP/UDP ports <= 64000 open to the Internet
    • TCP ports 64294, 64295 and 64297 open to a chosen administrative IP

Cloud-init is used to bootstrap the instance and install T-Pot on startup. Additional provisioning using Ansible etc. is not required.

The following resources are NOT automatically created and need to be specified in the configuration below:

  • VPC
  • Subnet

Pre-Requisites

  • Terraform 0.12
  • AWS Account
    • Existing VPC. VPC ID should be specified in configuration below
    • Existing subnet. Subnet ID should be specified in configuration below
  • AWS Authentication credentials should be set using environment variables

Required Configuration Changes

Terraform Variables

In aws/variables.tf, change the following variables to correspond to your existing EC2 infrastructure:

  • admin_ip - source IP address(es) that you will use to administer the system. Connections to TCP ports 64294, 64295 and 64297 will be allowed from this IP only. Multiple IPs or CIDR blocks can be specified in the format: ["127.0.0.1/32", "192.168.0.0/24"]
  • ec2_vpc_id
  • ec2_subnet_id
  • ec2_region

Admin Credentials

In tpot.conf, change the following variables:

myCONF_WEB_USER='webuser'
myCONF_WEB_PW='w3b$ecret'

These values are used to configure the credentials for the T-Pot Kibana interface. Refer to Options for more information.

Initialising

The terraform init command is used to initialize a working directory containing Terraform configuration files.

$ cd aws
$ terraform init

Initializing the backend...

Initializing provider plugins...
- Checking for available provider plugins...
- Downloading plugin for provider "aws" (terraform-providers/aws) 2.16.0...

The following providers do not have any version constraints in configuration,
so the latest version was installed.

To prevent automatic upgrades to new major versions that may contain breaking
changes, it is recommended to add version = "..." constraints to the
corresponding provider blocks in configuration, with the constraint strings
suggested below.

* provider.aws: version = "~> 2.16"

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

Applying the Configuration

The terraform apply command is used to apply the changes required to reach the desired state of the configuration, or the pre-determined set of actions generated by a terraform plan execution plan.

$ terraform apply

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # aws_instance.tpot will be created
  ...

  # aws_security_group.tpot will be created
  ...

Plan: 2 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value:

This will perform the following actions:

  1. Create EC2 security group
  2. Start a Debian EC2 instance
  3. Update all packages and reboot if necessary
  4. Install T-Pot and required dependencies
  5. Reboot
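
A pre-apply check for the security group described above, as an added example that is not part of the T-Pot repository: it reads the JSON form of a saved plan (terraform plan -out=tfplan, then terraform show -json tfplan) and reports any rule that opens TCP 64294, 64295 or 64297 to a source outside your admin_ip ranges. It assumes the security group declares its rules as inline ingress blocks; the sample plan and the address 198.51.100.7/32 are constructed.

```python
import ipaddress
import json
import sys

ADMIN_PORTS = {64294, 64295, 64297}  # admin ports named in this README

# Constructed sample in the shape of `terraform show -json` output; the inline
# ingress layout is an assumption, and the last rule is deliberately too open.
SAMPLE_PLAN = json.loads("""
{"planned_values": {"root_module": {"resources": [
 {"address": "aws_security_group.tpot", "values": {"ingress": [
  {"protocol": "tcp", "from_port": 0, "to_port": 64000, "cidr_blocks": ["0.0.0.0/0"]},
  {"protocol": "udp", "from_port": 0, "to_port": 64000, "cidr_blocks": ["0.0.0.0/0"]},
  {"protocol": "tcp", "from_port": 64294, "to_port": 64295, "cidr_blocks": ["198.51.100.7/32"]},
  {"protocol": "tcp", "from_port": 64297, "to_port": 64297, "cidr_blocks": ["0.0.0.0/0"]}
 ]}}
]}}}
""")

def exposed_admin_ports(plan, allowed_cidrs, sg_address="aws_security_group.tpot"):
    """Return sorted (port, cidr) pairs for admin ports open beyond allowed_cidrs."""
    allowed = [ipaddress.ip_network(c, strict=False) for c in allowed_cidrs]
    findings = set()
    for res in plan["planned_values"]["root_module"].get("resources", []):
        if res.get("address") != sg_address:
            continue
        for rule in res["values"].get("ingress") or []:
            proto = str(rule.get("protocol"))
            if proto == "-1":                      # "all traffic" rule
                hit = set(ADMIN_PORTS)
            elif proto in ("tcp", "6"):
                hit = {p for p in ADMIN_PORTS
                       if rule["from_port"] <= p <= rule["to_port"]}
            else:
                continue                           # admin ports are TCP only
            sources = (rule.get("cidr_blocks") or []) + (rule.get("ipv6_cidr_blocks") or [])
            for cidr in sources:
                src = ipaddress.ip_network(cidr, strict=False)
                if not any(src.version == a.version and src.subnet_of(a)
                           for a in allowed):
                    findings.update((p, cidr) for p in hit)
    return sorted(findings)

if __name__ == "__main__":
    plan = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_PLAN
    bad = exposed_admin_ports(plan, sys.argv[2:] or ["198.51.100.7/32"])
    for port, cidr in bad:
        print(f"admin port {port} reachable from {cidr}")
    sys.exit(1 if bad else 0)
```

Saved under a name of your choice (check_plan.py here is hypothetical), it takes the plan JSON file followed by the allowed CIDR blocks and exits non-zero when an admin port is exposed.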

Connecting to the Instance

When the installation has completed, you can connect and log in to T-Pot as described in the documentation.