https://github.com/mitre/demo-aws-hardening
DEMO: A kitchen-terraform based example of building and validating AWS security settings
https://github.com/mitre/demo-aws-hardening
aws inspec mitre-corporation mitre-inspec s3-buckets s3-security vpc vpc-security
Last synced: 2 months ago
JSON representation
DEMO: A kitchen-terraform based example of building and validating AWS security settings
- Host: GitHub
- URL: https://github.com/mitre/demo-aws-hardening
- Owner: mitre
- License: other
- Created: 2017-12-13T00:18:55.000Z (almost 8 years ago)
- Default Branch: master
- Last Pushed: 2022-02-07T08:34:31.000Z (over 3 years ago)
- Last Synced: 2025-07-10T19:24:48.134Z (3 months ago)
- Topics: aws, inspec, mitre-corporation, mitre-inspec, s3-buckets, s3-security, vpc, vpc-security
- Language: HCL
- Homepage:
- Size: 14.7 MB
- Stars: 4
- Watchers: 22
- Forks: 3
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE.md
Awesome Lists containing this project
README
# aws-demo-hardening
A kitchen-terraform based example of building and validating AWS security settings
## Setup Notes:
### Install your gems
You will need to ensure the needed ruby gems are installed:
- `bundle install` to installed the needed gems
### Setup your Environment
You will need to set the following env_vars for this to work.
- AWS_SUBNET_ID
- AWS_SSH_KEY_ID
- AWS_ACCESS_KEY_ID
- AWS_SECRET_ACCESS_KEY
- TF_VAR_aws_secret_key
- AWS_DEFAULT_INSTANCE_TYPE
- AWS_SUBNET_ID
- AWS_KEY_NAME
- AWS_DEFAULT_REGION
- AWS_AMI_ID
- AWS_SG_ID
## Usage:
1. `bundle exec kitchen create aws-demo-baseline-ubuntu`
2. `bundle exec kitchen converge aws-demo-baseline-ubuntu`
3. `bundle exec kitchen verify aws-demo-baseline-ubuntu`
4. `bundle exec kitchen destroy aws-demo-baseline-ubuntu`
or
1. `bundle exec kitchen test aws-demo-baseline-ubuntu --destroy=always`
## Quetions:
- see: https://newcontext-oss.github.io/kitchen-terraform/tutorials/amazon_provider_ec2.html
- see: https://github.com/chef/inspec-aws
## Updates:
This repo contains a sub-module(s) so remember to use a :
Initial
- ` git clone https://github.com/aaronlippold/aws-demo-hardening.git`
Alternatively, to include submodules
- ` git clone https://github.com/aaronlippold/aws-demo-hardening.git --recursive`
Updates
- ` git pull`
Update all submodules
- ` git submodule foreach git pull origin master`
## Useful Examples:
- https://github.com/hashicorp/terraform-aws-vault/pull/26/files
## NOTICE
© 2018 The MITRE Corporation.
Approved for Public Release; Distribution Unlimited. Case Number 18-3678.
## NOTICE
MITRE hereby grants express written permission to use, reproduce, distribute, modify, and otherwise leverage this software to the extent permitted by the licensed terms provided in the LICENSE.md file included with this project.
## NOTICE
This software was produced for the U. S. Government under Contract Number HHSM-500-2012-00008I, and is subject to Federal Acquisition Regulation Clause 52.227-14, Rights in Data-General.
No other use other than that granted to the U. S. Government, or to those acting on behalf of the U. S. Government under that Clause is authorized without the express written permission of The MITRE Corporation.
For further information, please contact The MITRE Corporation, Contracts Management Office, 7515 Colshire Drive, McLean, VA 22102-7539, (703) 983-6000.