Remove requirement for default VPC and default subnets from aws.exfil…

…tration.rds-share-snapshot. Add output indicating if an attack technique is slow (#284) * Remove requirement for default VPC and default subnets from aws.exfiltration.rds-share-snapshot. Add output indicating if an attack technique is slow. * Revert reordered imports * Update note about slow attack techniques * Closes #140, #141 Co-authored-by: Christophe Tafani-Dereeper <christophe@tafani-dereeper.me>
DataDog · Dec 7, 2022 · f193d0a · f193d0a
1 parent cc6941e
commit f193d0a
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 1 deletion.
diff --git a/v2/internal/attacktechniques/aws/exfiltration/rds-share-snapshot/main.tf b/v2/internal/attacktechniques/aws/exfiltration/rds-share-snapshot/main.tf
@@ -28,13 +28,35 @@ locals {
   resource_prefix = "stratus-red-team-share-snap"
 }
 
+data "aws_availability_zones" "available" {
+  state = "available"
+}
+
+module "vpc" {
+  source = "terraform-aws-modules/vpc/aws"
+
+  name = "${local.resource_prefix}-vpc"
+  cidr = "10.0.0.0/16"
+
+  azs              = [data.aws_availability_zones.available.names[0], data.aws_availability_zones.available.names[1]]
+  database_subnets = ["10.0.1.0/24", "10.0.2.0/24"]
+
+  map_public_ip_on_launch = false
+  enable_nat_gateway      = false
+
+  tags = {
+    StratusRedTeam = true
+  }
+}
+
 resource "aws_db_instance" "default" {
   allocated_storage       = 10 // minimum size
   engine                  = "mysql"
   engine_version          = "8.0"
   instance_class          = "db.t3.micro"
-  name                    = "${local.resource_prefix}-db"
+  name                    = "${replace(local.resource_prefix, "-", "")}db"
   backup_retention_period = 0
+  db_subnet_group_name    = module.vpc.database_subnet_group_name
   username                = "admin"
   password                = random_password.password.result
   skip_final_snapshot     = true

diff --git a/v2/pkg/stratus/runner/runner.go b/v2/pkg/stratus/runner/runner.go
@@ -104,6 +104,10 @@ func (m *Runner) Detonate() error {
 		willWarmUp = false
 	}
 
+	if m.Technique.IsSlow {
+		log.Println("Note: This is a slow attack technique, it might take a long time to warm up or detonate")
+	}
+
 	if willWarmUp {
 		outputs, err = m.WarmUp()
 	} else {