Step 2 — Building the Cyber Range w/ Terraform

This next step greatly simplified by using the project’s makefile. We can simply execute make cyberRange to create the entire CyberRange. It was timed at taking less than 5 minutes.

create everything in less than 5 minutes

The project has a folder structure that is referenced in the terraform\environments\<region>\main.tf file

The first Critical Step before Launching the Cyber Range is to update the IP list located at https://github.com/cappetta/CyberRange/blob/master/terraform/modules/infrastructure/assets/secdevops/variables.tf

You need to change the default 0.0.0.0/32 to your_ip/32 or a desired range of IPs…

variable "ip_list" {
  description = "Protect your research lab, use your your IP"
    default     = "0.0.0.0/32"
}

Launching the Cyber Range w/ Make CyberRange

The Make Network command in action

Inspec Tests are Green

Reviewing the Inspec Tests

Running make ips

Now that you have all the assets up & you have confirmed the inspec tests have completed successfully. By Default, this runs at the end of the make cyberRange command.

To be continued….

Obtaining the IPs of the assets with make ips

Using Terraform in CircleCi Builds

The main motivation was to provide continuous testing of the project and to automate basic sanity checks. This terraform-with-circleci-example is a perfect framework to get started.

fedekau/terraform-with-circleci-example

The CyberRange .circleci/config.yml

Talking a quick look at the Cyber Range’s circleci configuation file. Notice the injection of the private keys. This provides the Continuous Integration / Continuous Delivery tooling with the information needed to perform automated testing by logging into the assets during the build process.