AWS infrastructure for Cyber Hygiene and BOD 18-01 scanning
The AMIs are built like so:
cd packeransible-galaxy install --role-file ansible/requirements.ymlpacker build bastion.jsonpacker build dashboard.jsonpacker build docker.jsonpacker build mongo.jsonpacker build nessus.jsonpacker build nmap.jsonpacker build reporter.json
If building a non-default image (for testing as an example) the prefix for the
created AMI can be changed from the default value of cyhy like so:
packer build -var ami_prefix=testing bastion.json
Also note that
ansible-galaxy install --force --role-file ansible/requirements.yml
will update the roles that are being pulled from external sources. This
may be required, for example, if a role that is being pulled from a
GitHub repository has been updated and you want the new changes. By
default ansible-galaxy install will not upgrade roles.
The Terraform-based infrastructure is built like so:
ansible-galaxy install --role-file ansible/requirements.ymlcd terraformterraform workspace select <your_workspace>terraform initterraform apply -var-file=<your_workspace>.tfvars
Again, in some cases you may find it useful to add the --force flag
to the ansible-galaxy command.
The Terraform-based infrastructure is torn down like so:
cd terraformterraform workspace select <your_workspace>terraform initterraform destroy -var-file=<your_workspace>.tfvars
We welcome contributions! Please see CONTRIBUTING.md for
details.
This project is in the worldwide public domain.
This project is in the public domain within the United States, and
copyright and related rights in the work worldwide are waived through
the CC0 1.0 Universal public domain
dedication.
All contributions to this project will be released under the CC0
dedication. By submitting a pull request, you are agreeing to comply
with this waiver of copyright interest.