CommandCenter (c2) 101 — Iterating through the Cyber Range Life-Cycle
About 1 month ago, I released the CommandCenter (c2) Docker container. Since then I have been working with a select group of individuals to share knowledge, know-how, and help them get going with the various pieces of automation in the open-source AWS Cyber Range portfolio.
The goal of this container is to make it easier to provide troubleshooting of your Cyber Range research-lab buildout. The container releases are controlled by github hooks and CircleCi builds in the CommandCenter github project.
In the near future, I plan to shift these container builds into the main Cyber Range repo and push docker builds with every successful pull request of features / fixes approved.
This change allows me to ensure the container has a functional environment with the most updated codebase.
All (c2) users will need to purge & download new container images everytime a container is released / updated. To do this you simply execute these commands:
docker ps -a | awk {‘print $1’} | egrep -iv “container” |xargs docker rm -f
docker images | awk {‘print $3’} | egrep -iv “image” |xargs docker rmi -f
the first removes all your containers, the second removes all your images. Note: if you are an advanced docker user then you simply want to delete the commandcenter container & image.
View the DockerHub page for the container for more information.
Cliff Notes
Here is a visual of the getting started guide for the container. These steps are relatively straight-forward however it is very easy to miss one and experience issues. Be diligent and check your steps / work.
Step 1 — Test the Cyber Range LifeCycle
a. start the AWS Cyber Range CommandCenter docker container. Export your keys then run the container.
# export your environmental variables
export aws_access_key_id=example_access_key_id
export aws_secret_access_key=example_secret_key
Once your keys are set you can start running your container by passing in your environmental variables.
# This brings you into the commandcenter container
docker run -it -e AWS_ACCESS_KEY_ID=$aws_access_key_id -e
AWS_SECRET_ACCESS_KEY=$aws_secret_access_key
awscyberrange/commandcenter:latest /bin/bash
Now that you are in the container you can confirm you have the most recent codebase by performing a git pull
Next, we need to update some variables, specifically your external IP address… update this file: https://github.com/secdevops-cuse/CyberRange/blob/master/terraform/modules/infrastructure/assets/secdevops/variables.tf#L1
At this point, I believe you are ready to start running the Cyber Range commands. Let’s start off with the initialization, build the network, then create the lab, test it, & destroy-it.
AWS_PROFILE=whatever ENV=YourTest REGION=us-east-1 make init
update the variables.tf and add your external IP address
AWS_PROFILE=deprecaited ENV=test REGION=us-east-1 make network
AWS_PROFILE=deprecaited ENV=test REGION=us-east-1 make lab
AWS_PROFILE=deprecaited ENV=test REGION=us-east-1 make checkLab
AWS_PROFILE=deprecaited ENV=test REGION=us-east-1 make destroy-force
Once you confirm you are able to perform this cycle of commands then you are ready to launch / deploy your own cyber range.
Related Articles:
Here are some related articles that you might be interested in…