From f193d0abccc3e16f6f5bafc3befcee5247648911 Mon Sep 17 00:00:00 2001
From: brian <87996832+briandefiant@users.noreply.github.com>
Date: Wed, 7 Dec 2022 06:16:35 -0500
Subject: [PATCH] Remove requirement for default VPC and default subnets from aws.exfiltration.rds-share-snapshot. Add output indicating if an attack technique is slow (#284)

* Remove requirement for default VPC and default subnets from aws.exfiltration.rds-share-snapshot. Add output indicating if an attack technique is slow.
* Revert reordered imports
* Update note about slow attack techniques
* Closes #140, #141
Co-authored-by: Christophe Tafani-Dereeper
---
 .../exfiltration/rds-share-snapshot/main.tf | 24 ++++++++++++++++++-
 v2/pkg/stratus/runner/runner.go | 4 ++++
 2 files changed, 27 insertions(+), 1 deletion(-)
diff --git a/v2/internal/attacktechniques/aws/exfiltration/rds-share-snapshot/main.tf b/v2/internal/attacktechniques/aws/exfiltration/rds-share-snapshot/main.tf
index 638b6d67..9ba46d5f 100644
--- a/v2/internal/attacktechniques/aws/exfiltration/rds-share-snapshot/main.tf
+++ b/v2/internal/attacktechniques/aws/exfiltration/rds-share-snapshot/main.tf
@@ -28,13 +28,35 @@ locals {
 resource_prefix = "stratus-red-team-share-snap"
 }
 
+data "aws_availability_zones" "available" {
+ state = "available"
+}
+
+module "vpc" {
+ source = "terraform-aws-modules/vpc/aws"
+
+ name = "${local.resource_prefix}-vpc"
+ cidr = "10.0.0.0/16"
+
+ azs = [data.aws_availability_zones.available.names[0], data.aws_availability_zones.available.names[1]]
+ database_subnets = ["10.0.1.0/24", "10.0.2.0/24"]
+
+ map_public_ip_on_launch = false
+ enable_nat_gateway = false
+
+ tags = {
+ StratusRedTeam = true
+ }
+}
+
 resource "aws_db_instance" "default" {
 allocated_storage = 10 // minimum size
 engine = "mysql"
 engine_version = "8.0"
 instance_class = "db.t3.micro"
- name = "${local.resource_prefix}-db"
+ name = "${replace(local.resource_prefix, "-", "")}db"
 backup_retention_period = 0
+ db_subnet_group_name = module.vpc.database_subnet_group_name
 username = "admin"
 password = random_password.password.result
 skip_final_snapshot = true
diff --git a/v2/pkg/stratus/runner/runner.go b/v2/pkg/stratus/runner/runner.go
index 930ab3db..5a752016 100644
--- a/v2/pkg/stratus/runner/runner.go
+++ b/v2/pkg/stratus/runner/runner.go
@@ -104,6 +104,10 @@ func (m *Runner) Detonate() error {
 willWarmUp = false
 }
 
+ if m.Technique.IsSlow {
+ log.Println("Note: This is a slow attack technique, it might take a long time to warm up or detonate")
+ }
+
 if willWarmUp {
 outputs, err = m.WarmUp()
 } else {
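Review bot: The `module "vpc"` block in main.tf takes `terraform-aws-modules/vpc/aws` from the public registry with no `version` argument, so each `terraform init` resolves the newest published release. For code that creates resources in a user's AWS account, this makes warm-up non-reproducible and lets an upstream breaking change or a tampered release alter what is deployed without any change in this repository; add a constraint directly under `source`, e.g. `version = "<tested module version>"` (placeholder: pin to the release this technique was validated against). The `azs` line also indexes `names[0]` and `names[1]` unconditionally, which presumably fails at plan time in a region exposing fewer than two available zones; a short comment stating the two-AZ requirement would make that failure easier to diagnose. The `aws_db_instance` block continues past the end of the hunk.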
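Review bot: The slow-technique notice added in `Detonate` (runner.go) is emitted only on this path, although its text also covers warm-up and `m.WarmUp()` is a separate method that appears callable on its own. If warm-up can be invoked directly, a user starting a slow warm-up would see no notice; consider moving the `if m.Technique.IsSlow { ... }` check into a small helper called from both `WarmUp` and `Detonate`, or add a comment explaining why only `Detonate` prints it. The message is also a comma splice; `"Note: this is a slow attack technique; warm-up or detonation might take a long time"` reads more cleanly. `Detonate` begins and ends outside the hunk, so whether the notice is printed exactly once per run cannot be confirmed from here.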