Update T1078.004.yaml (#2982)
* Update T1078.004.md Added comment noting that this T1078.004-2 will only work if the Azure account (that the command is trying to login with) does not have 2FA enabled. * Update T1078.004.md * Update T1078.004.yaml Update T1078.004-2 so that core functionalities work again (regular execution, -GetPrereqs, and -CleanUp) * Revert T1078.004.md changes * Update terraform.tfvars Hardcoded Azure values. * Update T1078.004.yaml Hardcoded test 2's values to match `./atomics/T1078.004/src/T1078.004-2/terraform.tfvars` * Update terraform.tfvars * Update T1078.004.yaml --------- Co-authored-by: Bhavin Patel <bhavin.j.patel91@gmail.com>
This commit is contained in:
Kien Do
@@ -62,26 +62,18 @@ atomic_tests:
|
||||
supported_platforms:
|
||||
- iaas:azure
|
||||
input_arguments:
|
||||
username:
|
||||
description: Azure username
|
||||
type: string
|
||||
default: null
|
||||
password:
|
||||
description: Azure password
|
||||
type: string
|
||||
default: null
|
||||
resource_group:
|
||||
description: Name of the resource group
|
||||
type: string
|
||||
default: null
|
||||
default: ART-ResourceGroupName-T1078-004
|
||||
runbook_name:
|
||||
description: Name of the runbook name
|
||||
type: string
|
||||
default: null
|
||||
default: ART-RunbookName-T1078-004
|
||||
automation_account_name:
|
||||
description: Name of the automation account name
|
||||
type: string
|
||||
default: null
|
||||
default: ART-AutomationAccountName-T1078-004
|
||||
dependency_executor_name: powershell
|
||||
dependencies:
|
||||
- description: |
|
||||
@@ -89,37 +81,45 @@ atomic_tests:
|
||||
prereq_command: |
|
||||
terraform version
|
||||
get_prereq_command: |
|
||||
echo Please install terraform.
|
||||
echo "Please install terraform via https://developer.hashicorp.com/terraform/tutorials/aws-get-started/install-cli (URL accurate as of Nov. 15, 2024)."
|
||||
- description: |
|
||||
Install-Module -Name Az
|
||||
Check if Azure CLI and Azure Powershell are installed.
|
||||
|
||||
* Login to Azure CLI with "az login", and login to Azure Powershell with "Connect-AzAccount". Sessions are not shared.
|
||||
* Azure Powershell used in this test as they have better automation performance and error logging than Azure CLI.
|
||||
prereq_command: |
|
||||
try {if (Get-InstalledModule -Name Az -ErrorAction SilentlyContinue) {exit 0} else {exit 1}} catch {exit 1}
|
||||
get_prereq_command: |
|
||||
Install-Module -Name Az -Scope CurrentUser -Force
|
||||
$ProgressPreference = 'SilentlyContinue'; Invoke-WebRequest -Uri https://aka.ms/installazurecliwindowsx64 -OutFile .\AzureCLI.msi; Start-Process msiexec.exe -Wait -ArgumentList '/I AzureCLI.msi /quiet'; Remove-Item .\AzureCLI.msi
|
||||
- description: |
|
||||
Check if the user is logged into Azure.
|
||||
prereq_command: |
|
||||
az account show
|
||||
try {if (-not (Get-AzContext)) { exit 1 } else { exit 0 }} catch {exit 1}
|
||||
get_prereq_command: |
|
||||
echo Configure your Azure account using: az login.
|
||||
echo "* Configure your Azure account using: Connect-AzAccount"
|
||||
- description: |
|
||||
Create dependency resources using terraform
|
||||
|
||||
* If fail to meet prereq, navigate to T1078.004-2 using "cd $PathToAtomicsFolder/T1078.004/src/T1078.004-2/"
|
||||
* Open the "terraform.tfvars" file and fill in the variables with your desired values.
|
||||
* Re-run -GetPrereqs
|
||||
prereq_command: |
|
||||
try {if (Test-Path "$PathToAtomicsFolder/T1078.004/src/T1078.004-2/terraform.tfstate" ){ exit 0 } else {exit 1}} catch {exit 1}
|
||||
get_prereq_command: |
|
||||
echo "Navigating to: $PathToAtomicsFolder/T1078.004/src/T1078.004-2/"
|
||||
cd "$PathToAtomicsFolder/T1078.004/src/T1078.004-2/"
|
||||
terraform init
|
||||
terraform apply -auto-approve
|
||||
executor:
|
||||
command: |
|
||||
$secure_pwd = "#{password}" | ConvertTo-SecureString -AsPlainText -Force
|
||||
$creds = New-Object System.Management.Automation.PSCredential -ArgumentList "#{username}", $secure_pwd
|
||||
Connect-AzAccount -Credential $creds
|
||||
New-AzAutomationRunbook -Name #{runbook_name} -Type PowerShell -ResourceGroupName #{resource_group} -Description 'my-test-runbook' -AutomationAccountName #{automation_account_name}
|
||||
name: powershell
|
||||
elevation_required: false
|
||||
cleanup_command: |
|
||||
Remove-AzAutomationRunbook -AutomationAccountName #{automation_account_name} -Name #{runbook_name} -ResourceGroupName #{resource_group} -Force
|
||||
Remove-AzAutomationAccount -ResourceGroupName "MarkResourceGroup" -Name "MarkAutomationAccountName" -Force
|
||||
Remove-AzResourceGroup -Name "MarkResourceGroup" -Force
|
||||
echo "Cleanup should be completed. Run 'terraform destroy` to ensure remaining resources are also deleted."
|
||||
cd "$PathToAtomicsFolder/T1078.004/src/T1078.004-2/"
|
||||
terraform destroy -auto-approve
|
||||
- name: GCP - Create Custom IAM Role
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
automation_account_name = ""
|
||||
resource_group = ""
|
||||
runbook_name = ""
|
||||
automation_account_name = "ART-AutomationAccountName-T1078-004"
|
||||
resource_group = "ART-ResourceGroupName-T1078-004"
|
||||
runbook_name = "ART-RunbookName-T1078-004"
|
||||
|
||||
Reference in New Issue
Block a user