Using AWS and GCP to create and monitor a Fake app. Tools we will use: Bash, Cloud Shell, Snyk, Terraform, Ansible, Ubuntu/Debian Linux, NMap, and Wazuh

First step is to create all the folders and files we will need for the project via the command line.

Now setting up the AWS terraform file. 2 IMPORTANT things to remember here are we do NOT want to use the default VPC in AWS and 2 when creating VMs in terraform with AWS you NEED to pay attention to the "AMI ID" for the OS you are using each region I.E 'us-east-1' and/or 'us-east-2' have different "AMI ID's" even if the OS is the same. I'll post a picture below.(The Highlighted section). We need to make sure we have port 22 open in our Security group so we can use ansible to automate the installation of the plugins we need.

Copy that from your respective region and add it to the terraform file

Next we will move on to the GCP Linux server that will host our make believe "app." We have to make sure in GCP to add a certain tag to the VM "http-server" as well as have port 80 open in or VPC so we can access the site. Like the AWS EC2 AM we need to have port 22 open so we can have ansible connect and automate the installation of the plugins we need.

Next we will have snyk do an IaC test on this first part of our terraform code. (No major issues are 2 High issues are because we are allowing SSH from the whole internet. Normally you would want to restrict it to certain IPS of your/works network)

Now for the website we will use AI to help create the html for the simple website(I'm not a webdev forgot all that from highschool haha)

Now we will run "terraform init," then plan, and then apply to spin up in our AWS and GCP consols!

"Terraform plan" looks good and no issues

Next we will run the following command "terraform apply -auto-approve -var-file=terraform.auto.tfvars" This will do a few things. "Apply" will tell terraform to build anything that is in our files that has not been created yet. "-auto-approve" will automatically confirm that we want to do these 'changes.' "-var-file= lets terraform know we have variables that we are using in this set up.

Up and running!

Now that are VM's are running in GCP and AWS we will now use ansible to install and update the needed tools. First lets add NMAP to our AWS EC2 Looks like we were able to connect and install NMAP lets check in the AWS EC2 instance!

Now lets run our GCP ansible playbook!

Now lets check or IP address to see if the apache loads. Good the apache page is showing1

Now we will deploy our website.yml

Now lets check the url again.

Now our website is up and running!

Next we will set up Wazuh via the Deployment Market place. There are guided instructions be sure to follow them I'll add the link Here Now deployed in GCP

Next we need to wait about 5-15 minutes for the services to start. Then we follow the instructions to set up our agent to put it in our GCP-Linux-Box. Be sure to add the ip address of your Wazuh server. Next we ssh into our GCP-Linux-Box and run the commands given in Wazuh to install the agent. Now let's check Wazuh if the agent is active. It is now up and running! Also connected via our internal GCP subnet!

Our last steps will involve going back to AWS and we will SSH into our instance and run a few NMap scans on our GCP-Linux-Box

Now we are all finished! You could always run more advanced scans and simulated attacks!

Remember to TEAR DOWN any unused resources with Terraform!