Merge pull request #10 from HuskyHacks/dev-aws-lab

AWS Cloud Config

.gitignore

@@ -1,3 +1,39 @@
 .idea/*
 .vs/*
 .vs/
+
+# Terraform
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Exclude all .tfvars files, which are likely to contain sensitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+*.tfvars
+*.tfvars.json
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc

aws-lab/get_password.sh

@@ -0,0 +1,30 @@
+#!/bin/bash
+
+set -e
+
+# Check if jq is installed
+if ! [ -x "$(command -v jq)" ]; then
+    >&2 echo "Error: jq is not installed"
+    exit 1
+fi
+
+# Parse instance ID from input JSON
+instanceid=$(jq -r '.instanceid')
+
+# Get username and password from instance output
+user=$(aws ec2 get-console-output --instance-id $instanceid --output text --no-paginate | grep "the default application username is" | awk -F "'" '{print $2}')
+password=$(aws ec2 get-console-output --instance-id $instanceid --output text --no-paginate | grep "Setting Bitnami application password to" | awk -F "'" '{print $2}')
+
+# Check if username and password were successfully retrieved
+if [ -z "$user" ] || [ -z "$password" ]; then
+    >&2 echo "Error: Unable to retrieve username or password from instance output"
+    exit 1
+fi
+
+# Generate and print output JSON
+cat <<EOF | jq -c
+{
+  "user": "$user",
+  "password": "$password"
+}
+EOF

aws-lab/instances.tf

@@ -0,0 +1,78 @@
+resource "aws_instance" "flarevm" {
+  ami           = var.flarevm-ami
+  instance_type = "t2.medium"
+
+  network_interface {
+    network_interface_id = aws_network_interface.network_interface_flarevm.id
+    device_index         = 0
+  }
+
+  tags = {
+    Name = "${var.environment}-flarevm"
+  }
+
+}
+
+resource "aws_instance" "remnux" {
+  ami           = var.remnux-ami
+  instance_type = "t2.medium"
+
+  network_interface {
+    network_interface_id = aws_network_interface.network_interface_remnux.id
+    device_index         = 0
+  }
+
+  tags = {
+    Name = "${var.environment}-remnux"
+  }
+
+}
+
+resource "aws_instance" "guacamole" {
+  count = var.enable_guacamole ? 1 : 0
+  ami   = var.guacamole-ami # bitnami guacamole 72d31fe1-c724-49d3-8981-a32cfbe0189e 
+
+  instance_type = "t2.medium"
+
+  network_interface {
+    network_interface_id = aws_network_interface.network_interface_guacamole[0].id
+    device_index         = 0
+  }
+
+  tags = {
+    Name = "${var.environment}-guacamole"
+  }
+
+}
+
+data "aws_instance" "guacamole_id" {
+  count = var.enable_guacamole ? 1 : 0
+  filter {
+    name   = "instance-state-name"
+    values = ["running"]
+  }
+
+  filter {
+    name   = "tag:Name"
+    values = ["${var.environment}-guacamole"]
+  }
+  depends_on = [aws_instance.guacamole]
+}
+
+# Wait 5 minute for the Guacamole initialization
+resource "time_sleep" "wait_5_min" {
+  count      = var.enable_guacamole ? 1 : 0
+  depends_on = [data.aws_instance.guacamole_id[0]]
+
+  create_duration = "5m"
+}
+
+# Get Guacamole credentials from get-console-output
+data "external" "guacamole_credentials" {
+  count   = var.enable_guacamole ? 1 : 0
+  program = ["bash", "get_password.sh"]
+  query = {
+    "instanceid" = data.aws_instance.guacamole_id[0].id
+  }
+  depends_on = [time_sleep.wait_5_min]
+}

aws-lab/main.tf

@@ -0,0 +1,16 @@
+terraform {
+  required_version = "1.3.7"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "4.39.0"
+    }
+  }
+
+}
+
+provider "aws" {
+  region              = var.region
+  allowed_account_ids = [var.account]
+}