stratus-red-team icon indicating copy to clipboard operation
stratus-red-team copied to clipboard

Published 20 hours ago verified publisher icon DataDog

Standardize Naming of Instances Created During Warmup Stage

Open sjhood opened this issue 2 years ago • 1 comments

Going through the tf code for each of the different scenarios in AWS I realized that the naming of created instances follows no particular pattern. I noticed one name something with the format "StratusRedTeam" another "same-<Attack Simulation Name>" and another that was simply just the simulation name.

I think standardizing these to being something of the form "stratus-red-team-" or similar would make it easier to tell which resources are being spun up by these attack simulations. In addition, creating restricted iam roles/permissions only able to operate on resources created by SRT could allow for implementation of best IAM practices.

Related to this, I think that tagging resources with a tag stating that the instance was created by SRT rather than the name of the particular simulation name could help in identifying random resources if for some reason resources were not able to be destroyed properly.

sjhood avatar Sep 16 '22 22:09 sjhood

Thanks for reporting! Definitely agree with you.

christophetd avatar Sep 20 '22 10:09 christophetd

Created a PR related to this issue here: https://github.com/DataDog/stratus-red-team/pull/242

sjhood avatar Oct 19 '22 18:10 sjhood

Done in #242

christophetd avatar Nov 22 '22 10:11 christophetd