xavierventeo/cybersecurity-lab

CyberSecurity Lab

Repository created for training purpose. And to be analyzed after that using a SIEM system:

The infrastructure includes:

• Firewall: AWS Network Firewall and Security Groups on the instances.
• Linux server with Ubuntu AMI.
• RDS service.
• Linux server wuth Amazon Linux AMIA.
• Windows server with Windows Server 2016 AMI

Lab Diagram

Terraform Infrastructure as Code (IaC) Repository

This repository contains Terraform code to provision and manage infrastructure on Amazon Web Services using Infrastructure as Code (IaC) principles.

Prerequisites

Before you begin, ensure you have the following tools installed:

• Terraform
• AWS CLI
• An AWS account and the associated credentials that allow you to create resources. These credentials must be configured for the AWS provider (see Authentication and Configuration section in AWS terraform provider documentation.)

Related Repositories

Repository which include basic infrastructure to deploy a SIEM: Infrastructure for Wazuh SIEM

Usage

1. Clone this repository to your local machine:

git clone git@github.com:xavierventeo/cybersecurity-lab.git

2. Navigate to the repository directory:

cd cybersecurity-lab

3. Initialize Terraform:

terraform init

4. Configure terraform variables with your own values.

   Pay attention to configure allowed_ip_address variable in order to allow external access to your own IP

cp terraform.tfvars.example terraform.tfvars
vi terraform.tfvars

5. Plan the infrastructure changes:

terraform plan

6. Apply the infrastructure changes to your AWS Account:

terraform apply

Confirm the action by typing 'yes' when prompted.

Cleanup

To destroy the infrastructure provisioned by Terraform, run:

terraform destroy

Confirm the action by typing 'yes' when prompted.