-
Notifications
You must be signed in to change notification settings - Fork 358
Azure: MacOS Installation
P4T12ICK edited this page Feb 2, 2021
·
7 revisions
This will build a range automatically in MacOS. You will need also to sign up for an Azure account here as a prerequisite
- Install all the project dependencies with this 1 liner:
source <(curl -s 'https://raw.githubusercontent.com/splunk/attack_range/develop/scripts/macos_deploy_azure.sh')
- Run
aws configure
to configure your credentials on the local machine. - Finally configure your attack_range by running
python attack_range.py configure
- Build Attack Range
python attack_range.py build
- Obtain a copy of the Attack Range on your local computer. For example, this can be done by copying or cloning Attack Range from GitHub:
git clone https://github.com/splunk/attack_range
- Go to the install directory of the Attack Range:
cd attack_range
- Install virtual environment and all default packages required for the Attack Range project:
pip install virtualenv && virtualenv -p python3 venv && source venv/bin/activate && pip install -r requirements.txt
- If you don't have one, sign up for an Azure account here
- Install Terraform: Brew-install via
brew install terraform
, or download from this link - Initialize Terraform:
cd terraform/azure && terraform init && cd ../..
- Install Azure CLI:
brew install azure-cli
, otherwise see the guide on installing Azure CLI - Prepare public-private SSH keys for access to Azure VMs - at your local machine, use existing default keys (
id_rsa
andid_rsa.pub
stored atACCOUNT_HOME_FOLDER/.ssh
), or generate a new SSH key pair viassh-keygen
with no passphrase - Login with Azure CLI by running the following command
az login
- On your local machine, instantiate an Attack Range config file:
cp attack_range.conf.template attack_range.conf && vim attack_range.conf
. - Modify these parameters in the local config file:
-
attack_range_password
, any password you chose -
cloud_provider
, change to value: azure -
azure_subscription_id
, your Azure subscription ID -
ip_whitelist
, to improve security, allow only AWS access from your public IP addresses, i.e., replace default permissions from 0.0.0.0/0 to your exact public IP addresses and masks. -
private_key_path
, the path on your local machine to the private key you want to use -
public_key_path
, the path on your local machine to the public key you want to use -
region
, name of the preferred region in Azure
After configurations are complete, run Attack Range:
python attack_range.py build
Verify that the instance is present in Azure:
python attack_range.py show
Once done, shoot down Attack Range to save on Azure costs:
python attack_range.py destroy