Merge pull request elastic#5430 from charlie-pichette/update-create-p…

…rocess Add additional info to create output
MadameSheema · Nov 15, 2022 · ac50536 · ac50536
2 parents b52f2a8 + 8d52d3f
commit ac50536
Showing 1 changed file with 28 additions and 17 deletions.
diff --git a/tools/sec-eng-prod/sep-vms/sep-vms.py b/tools/sec-eng-prod/sep-vms/sep-vms.py
@@ -7,16 +7,17 @@
 import subprocess
 import sys
 import argparse
-import json
+import string
+import random
 
 # Set default values
 zone_name = 'us-central1-c'
 project_name = 'elastic-security-dev'
 image_project = 'elastic-images-prod'
 os_name = 'ubuntu-2204-lts'
 label_name = 'security-engineering-productivity'
-exclude_public_id = False
 instance_name = None
+string_size = 8
 
 # Build and initialize the API
 compute = googleapiclient.discovery.build('compute', 'v1')
@@ -41,8 +42,6 @@ def getArgs():
                              'default is ubuntu-2204-lts')
     parser.add_argument('-a', '--label', help='instance label identifier, '
                         'default is security-engineering-productivity')
-    parser.add_argument('-x', '--exclude', action='store_true',
-                        help='exclude a public IP address')
     group.add_argument('-c', '--create', action='store_true',
                        help='create new instance, not valid with -i, -l or -r')
     group.add_argument('-l', '--list', action='store_true',
@@ -202,13 +201,12 @@ def findInstance(project, zone, instance):
         dict or NoneType: Dictionary with instance details or NoneType if no
                           instance is found.
     """
-    # print('Instance name: ' + instance_name)
+
     try:
         response = compute.instances().get(project=project,
                                            zone=zone,
                                            instance=instance).execute()
     except googleapiclient.errors.HttpError as e:
-        # print('Error: {}'.format(json.loads(e.content)['error']['message']))
         response = None
     return response
 
@@ -233,7 +231,8 @@ def createInstance(project_name, zone_name, os_name, instance_name):
                                                          zone_name))
     if 'windows' in os_name:
         tag_list = ['group-windows', 'allow-winrm', 'allow-internal-rdp',
-                    'allow-external-rdp', 'allow-icmp']
+                    'allow-external-rdp', 'allow-icmp', 'allow-internal-dns',
+                    'allow-internal-ports-private-ad']
     else:
         tag_list = ['allow-ssh']
 
@@ -261,22 +260,37 @@ def createInstance(project_name, zone_name, os_name, instance_name):
             'network': 'global/networks/sec-eng-productivity',
             'subnetwork':
             'regions/us-central1/subnetworks/sec-eng-productivity-subnet',
-            # 'accessConfigs': [{}]
           }],
           'tags': {'items': tag_list},
-          'labels': [{'group': 'security-engineering-productivity'}]
+          'labels': [{'group': 'security-engineering-productivity',
+                      'division': 'engineering',
+                      'org': 'security',
+                      'team': 'securityengineeringproductivity',
+                      'project': ''.join(filter(str.isalnum, username))}]
     }
-    # print("config before: {}".format(json.dumps(config, indent=4)))
-    if not exclude_public_id:
-        config['networkInterfaces'][0]['accessConfigs'] = [{}]
-    # print("config after: {}".format(json.dumps(config, indent=4)))
 
     response = compute.instances().insert(project=project_name,
                                           zone=zone_name,
                                           body=config).execute()
 
     print('The instance Id is: ' + response['targetId'])
     print('It may be a few minutes before it is available.')
+    if 'windows' in os_name:
+        hostname = 'SEP-' + ''.join(random.choices(string.ascii_uppercase + 
+                                                    string.digits, 
+                                                    k=string_size))
+
+        message = f"\n{'-' * 79}\n"
+        message = message + 'RDP to the instance and run the following commands in an administrative prompt.\n'
+        message = message + 'Replace "Ethernet 2" with the value returned by the show interface command.\n\n'
+
+        message = message + 'netsh interface show interface\n'
+        message = message + 'netsh interface ipv4 set dnsservers "Ethernet 2" static 10.5.0.3 primary\n'
+        message = message + f'wmic computersystem where name="%COMPUTERNAME%" rename "{hostname}"\n'
+        message = message + 'shutdown /r\n'
+        message = message + f"{'-' * 79}\n"
+
+        print(message)
 
     return
 
@@ -292,7 +306,7 @@ def deleteInstance(project_name, zone_name, instance_name):
     print('Deleting {} from {} in {}!'.format(instance_name,
                                               project_name,
                                               zone_name))
-    # compute = googleapiclient.discovery.build('compute', 'v1')
+
     # Delete VM instance
     compute.instances().delete(
           project=project_name,
@@ -320,7 +334,6 @@ def debug_info():
     print('list images: {}'.format(args.list))
     print('list instances: {}'.format(args.instances))
     print('remove instance: {}'.format(args.remove))
-    print('exclude public ip: {}'.format(args.exclude))
     print('-' * 20)
 
 
@@ -360,7 +373,5 @@ def main():
         if not args.name:
             print('-r/--remove requires -n/--name option.')
             exit()
-    if args.exclude:
-        exclude_public_id = args.exclude
 
     main()