
iam_privesc_by_attachment setup error

Open tmechen opened this issue 1 year ago • 0 comments

Error:

While creating the iam_privesc_by_attachment scenario:

│ Error: collecting instance settings: couldn't find resource
│
│   with aws_instance.cg-super-critical-security-server,
│   on ec2.tf line 56, in resource "aws_instance" "cg-super-critical-security-server":
│   56: resource "aws_instance" "cg-super-critical-security-server" {
│

Problem:

ami = "ami-0a313d6098716f372" is not available: https://github.com/RhinoSecurityLabs/cloudgoat/blob/e0338d9cd6f66206d0d053b3ee50635ab23ec4f9/scenarios/iam_privesc_by_attachment/terraform/ec2.tf#L58

Fix:

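Search for the latest AMI (for example, LTS Ubuntu 22.04):

# Look up the newest matching image instead of pinning an AMI ID.
data "aws_ami" "ubuntu_2204" {
  most_recent = true
  # Canonical's AWS account ID; restricts results to official Ubuntu images.
  owners      = ["099720109477"]
  filter {
    name   = "name"
    values = ["ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server*"]
  }
}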

And use this instead of the hardcoded AMI in scenarios/iam_privesc_by_attachment/terraform/ec2.tf:

ami = data.aws_ami.ubuntu_2204.id

tmechen, Apr 19 '23 10:04
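A check that goes with the fix above, as an added example that is not part of the original issue or the CloudGoat code base: a small Python scan that reports `ami = "ami-..."` literals in Terraform text so they can be replaced with an `aws_ami` data source. The sample input is constructed from the snippets in the issue; `instance_type` and the resource name `fixed` are assumptions.

```python
import re

# Literal AMI ID assigned to an `ami` argument (8- or 17-hex-digit forms).
AMI_LITERAL = re.compile(r'^\s*ami\s*=\s*"(ami-(?:[0-9a-f]{8}|[0-9a-f]{17}))"')
# Opening line of a block such as: resource "aws_instance" "name" {
RESOURCE_OPEN = re.compile(r'^\s*resource\s+"([^"]+)"\s+"([^"]+)"\s*\{')

# Constructed sample: one hardcoded AMI (from the issue) and one data-source lookup.
SAMPLE_TF = '''
data "aws_ami" "ubuntu_2204" {
  most_recent = true
  owners      = ["099720109477"]
}

resource "aws_instance" "cg-super-critical-security-server" {
  ami           = "ami-0a313d6098716f372"
  instance_type = "t2.micro"
}

resource "aws_instance" "fixed" {
  ami = data.aws_ami.ubuntu_2204.id
}
'''


def find_hardcoded_amis(tf_text):
    """Return (line_no, resource_address, ami_id) for each literal AMI ID."""
    findings = []
    current = None  # address of the resource block being read, if any
    depth = 0       # brace nesting depth
    for line_no, line in enumerate(tf_text.splitlines(), start=1):
        code = line.split("#", 1)[0]  # drop '#' comments so disabled lines are ignored
        opened = RESOURCE_OPEN.match(code)
        if opened and depth == 0:
            current = "{}.{}".format(*opened.groups())
        hit = AMI_LITERAL.match(code)
        if hit:
            findings.append((line_no, current or "(outside resource)", hit.group(1)))
        depth += code.count("{") - code.count("}")
        if depth <= 0:
            depth, current = 0, None
    return findings


if __name__ == "__main__":
    for line_no, address, ami_id in find_hardcoded_amis(SAMPLE_TF):
        print(f"line {line_no}: {address} pins {ami_id}; use an aws_ami data source")
```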