Bugfix & Update EC2 SSRF Scenario - Githubissues

RhinoSecurityLabs / cloudgoat

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

BSD 3-Clause "New" or "Revised" License

2.98k stars 624 forks source link

Bugfix & Update EC2 SSRF Scenario #268

Closed andrew-aiken closed 2 months ago

andrew-aiken commented 3 months ago

Overview of Changes

Fixed the issue described in #267
Updated the SSRF app
- Removed unneeded code & less dependencies
Updated the Terraform to my standards 😁
- Call the AMI to get the latest version (Ubuntu 24), will now work in all regions
- Updating TF naming, formatting and tagging
- Zip the code w/ Terraform
- Switch the S3 object to look like an aws credentials file
- Removed the need for null resources

Testing

Deployed and ran through the scenario successfully