Restructured repo and brought tf examples (#3)

* Restructured repo and brought tf examples * reworked based on feedback * corrected a few minor things per review --------- Co-authored-by: John Dewey <john.dewey@corelight.com>
corelight · Nov 6, 2024 · 8836744 · 8836744
1 parent a366ecc
commit 8836744
Show file tree

Hide file tree

Showing 24 changed files with 811 additions and 58 deletions.
diff --git a/.github/workflows/dev.yaml b/.github/workflows/dev.yaml
@@ -20,7 +20,7 @@ jobs:
           role-duration-seconds: 1200
       - name: Push Files
         run: |
-          aws s3 cp cloud-native-iac/AWS/*.yaml s3://${{ env.S3_BUCKET }}
+          aws s3 cp cloudformation/*.yaml s3://${{ env.S3_BUCKET }}
 permissions:
   id-token: write
-  contents: read
+  contents: read
diff --git a/.github/workflows/prod.yaml b/.github/workflows/prod.yaml
@@ -20,7 +20,7 @@ jobs:
           role-duration-seconds: 1200
       - name: Push Files
         run: |
-          aws s3 cp cloud-native-iac/AWS/*.yaml s3://${{ env.S3_BUCKET }}
+          aws s3 cp cloudformation/*.yaml s3://${{ env.S3_BUCKET }}
 permissions:
   id-token: write
-  contents: read
+  contents: read
diff --git a/README.md b/README.md
@@ -1,52 +1,29 @@
-# Corelight Cloud
+# Corelight Deployment Guide
 
-IaC used to deploy Corelight Sensors into various Cloud Providers.
+This repository provides sample configurations for deploying Corelight products
+across AWS, Azure, and Google Cloud Platform (GCP). The examples offer both
+**Terraform-based** and **native IaC solutions**, allowing users to choose
+the approach that best fits their platform requirements and preferences.
 
-## Cloud Enrichment Service
+## Directory Structure Overview
 
-Code to deploy Corelight's Cloud Enrichment services.
+### `cloudformation/`
 
-### AWS
+This directory includes **AWS CloudFormation templates** for deploying Corelight
+solutions within AWS environments using native AWS IaC. Each template provides
+configurations tailored for Corelight.
 
-* [Terraform][terraform-aws-enrichment]
+### `terraform/`
 
-[terraform-aws-enrichment]: https://github.com/corelight/terraform-aws-enrichment/
+The `terraform/` directory contains **Terraform modules** structured by cloud
+provider. Each subdirectory under `terraform/` is organized by provider and
+service, with individual `README.md` files for specific guidance on deploying
+Corelight products within that cloud.
 
-### Azure
+#### Integrations
 
-* [Terraform][terraform-azure-enrichment]
-
-[terraform-azure-enrichment]: https://github.com/corelight/terraform-azure-enrichment/
-
-### GCP
-
-* [Terraform][terraform-gcp-enrichment]
-
-[terraform-gcp-enrichment]: https://github.com/corelight/terraform-gcp-sensor/
-
-## Cloud Sensor
-
-Code to deploy Corelight's Cloud Sensor.
-
-### AWS
-
-* [CFN][cfn-aws-sensor]
-* [Terraform][terraform-aws-sensor]
-
-[cfn-aws-sensor]: https://github.com/corelight/corelight-cloud/tree/main/cloud-native-iac/AWS
-[terraform-aws-sensor]: https://github.com/corelight/terraform-aws-sensor/
-
-### Azure
-
-* [Terraform][terraform-azure-sensor]
-
-[terraform-azure-sensor]: https://github.com/corelight/terraform-azure-sensor/
-
-### GCP
-
-* [Terraform][terraform-gcp-sensor]
-
-[terraform-gcp-sensor]: https://github.com/corelight/terraform-gcp-enrichment/
+Within `terraform/integrations/`, you’ll find subdirectories for integrating
+Corelight products with partner solutions.
 
 ## License
 

diff --git a/cloud-native-iac/AWS/README.md → cloudformation/README.md b/cloud-native-iac/AWS/README.md → cloudformation/README.md
@@ -1,22 +1,18 @@
-# AWS
+# Corelight CloudFormation Templates
 
-AWS specific deployment scripts.
+This directory contains AWS CloudFormation templates for deploying Corelight
+solutions within AWS environments.
 
-## Cloud Formation
+## Templates
 
-A Cloud Formation template for deploying Corelight Sensors.
+- **`autoscaling-sensor.yaml`**: Sets up an Auto Scaling group for Corelight Sensors,
+    enabling automatic scaling based on demand.
 
-## Dependencies
-
-* Install [AWS Command Line Interface][awscli]
-
-### Deployment Instructions
+## Usage
 
 Execute the following commands making sure to provide the appropriate
 parameters for your environment.
 
-#### Sensor
-
 Create a new stack:
 
 ```bash
@@ -52,5 +48,3 @@ aws cloudformation update-stack --region <AWS_REGION> \
     ParameterKey=KeyPairName,ParameterValue=<SENSOR_KEY_PAIR_NAME> \
   --template-body file://cfn.yaml
 ```
-
-[awscli]: https://aws.amazon.com/cli/
diff --git a/cloud-native-iac/AWS/cfn.yaml → cloudformation/autoscaling-sensor.yaml b/cloud-native-iac/AWS/cfn.yaml → cloudformation/autoscaling-sensor.yaml
diff --git a/terraform/README.md b/terraform/README.md
@@ -0,0 +1,26 @@
+# Terraform
+
+This directory contains **Terraform** modules used to deploy Corelight solutions
+across multiple cloud providers.
+
+#### Subdirectories
+
+- **`aws-autoscaling-sensor/`**: Contains Terraform files for deploying an
+    autoscaling sensor within AWS, including `main.tf` and `versions.tf` files for configuration.
+- **`aws-cloud-enrichment/`**: A Terraform module for setting up cloud enrichment
+    services on AWS.
+- **`azure-cloud-enrichment/`**: Module to configure cloud enrichment capabilities
+    on Azure.
+- **`azure-scaleset-sensor/`**: Azure Terraform configuration to deploy Corelight
+    sensors on a Virtual Machine Scale Set.
+- **`gcp-mig-sensor/`**: A Terraform module for deploying a sensor with GCP’s
+    Managed Instance Groups (MIG).
+- **`gcp-cloud-enrichment/`**: GCP-specific Terraform module for configuring cloud
+    enrichment services.
+- **`integrations/`**: Subdirectories for integrating Corelight products with
+    partner solutions.
+
+## How to Use
+
+Navigate into the appropriate directory and follow the instructions provided in
+the `README.md` for each module.
diff --git a/terraform/aws-autoscaling-sensor/README.md b/terraform/aws-autoscaling-sensor/README.md
@@ -0,0 +1,11 @@
+# Corelight Sensor Deployment - AWS
+
+This directory provides Terraform code for deploying Corelight's Cloud Sensor
+on **AWS**.
+
+## Overview
+
+This deployment uses the [terraform-aws-sensor][] module, which simplifies the
+setup of Corelight Sensors by automating the provisioning of AWS resources.
+
+[terraform-aws-sensor]: https://github.com/corelight/terraform-aws-sensor/
diff --git a/terraform/aws-autoscaling-sensor/main.tf b/terraform/aws-autoscaling-sensor/main.tf
@@ -0,0 +1,59 @@
+locals {
+  vpc_id                   = "<vpc where resources are deployed>"
+  monitoring_subnet        = "<monitoring subnet id>"
+  management_subnet        = "<management subnet id>"
+  sensor_ssh_key_pair_name = "<name of the ssh key in AWS used to access the sensor EC2 instances>"
+  sensor_ami_id            = "<sensor ami id from Corelight>"
+  license                  = "<your corelight sensor license key>"
+  tags = {
+    terraform : true,
+    purpose : "Corelight"
+  }
+  fleet_token = "b1cd099ff22ed8a41abc63929d1db126"
+  fleet_url   = "https://fleet.example.com:1443/fleet/v1/internal/softsensor/websocket"
+}
+
+data "aws_subnet" "management" {
+  id = local.management_subnet
+}
+
+module "asg_lambda_role" {
+  source = "github.com/corelight/terraform-aws-sensor//modules/iam/lambda"
+
+  lambda_cloudwatch_log_group_arn = module.sensor.cloudwatch_log_group_arn
+  security_group_arn              = module.sensor.management_security_group_arn
+  sensor_autoscaling_group_name   = module.sensor.autoscaling_group_name
+  subnet_arn                      = data.aws_subnet.management.arn
+
+  tags = local.tags
+}
+
+module "sensor" {
+  source = "github.com/corelight/terraform-aws-sensor"
+
+  auto_scaling_availability_zones = ["us-east-1a"]
+  aws_key_pair_name               = local.sensor_ssh_key_pair_name
+  corelight_sensor_ami_id         = local.sensor_ami_id
+  license_key                     = local.license
+  management_subnet_id            = local.management_subnet
+  monitoring_subnet_id            = local.monitoring_subnet
+  community_string                = "<password for the sensor api>"
+  vpc_id                          = local.vpc_id
+  asg_lambda_iam_role_arn         = module.asg_lambda_role.role_arn
+  fleet_token                     = local.fleet_token
+  fleet_url                       = local.fleet_url
+
+  tags = local.tags
+}
+
+module "bastion" {
+  source = "github.com/corelight/terraform-aws-sensor//modules/bastion"
+
+  bastion_key_pair_name        = "<AWS ssh key pair name for the bastion host>"
+  subnet_id                    = data.aws_subnet.management.id
+  management_security_group_id = module.sensor.management_security_group_id
+  vpc_id                       = local.vpc_id
+  public_ssh_allow_cidr_blocks = ["0.0.0.0/0"]
+
+  tags = local.tags
+}
diff --git a/terraform/aws-autoscaling-sensor/versions.tf b/terraform/aws-autoscaling-sensor/versions.tf
@@ -0,0 +1,10 @@
+terraform {
+  required_version = ">=1.3.2"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 5"
+    }
+  }
+}
diff --git a/terraform/aws-cloud-enrichment/README.md b/terraform/aws-cloud-enrichment/README.md
@@ -0,0 +1,11 @@
+# Corelight Cloud Enrichment Service Deployment - AWS
+
+This directory provides Terraform code for deploying Corelight's Cloud Enrichment
+on **AWS**.
+
+## Overview
+
+This deployment uses the [terraform-aws-enrichment][] module, which simplifies the
+setup of Corelight Cloud Enrichment by automating the provisioning of AWS resources.
+
+[terraform-aws-enrichment]: https://github.com/corelight/terraform-aws-enrichment/