Forum Discussion
Bronze IICustom Lab creation AWS EC2 image issue
ImmerserHey hexninja !
This is awesome! Can you tell me what you are building exactly? Is it a vulnerable web app?
For clarity, when you share your AMI with us, we deploy it in our own lab environment, and we apply our own security group to that. We don't copy it, so you must keep a version of it in your own AWS account, but we do deploy the AMI itself in our own account. This means any network SGs on your own side aren't an issue. Unless you are talking about not being able to actually build the AMI because you aren't able to SSH/RDP in to test it?
We have a TON of docs and videos coming out soon to help people with building their own labs, which will be available in July - along with some other new features I think that will help you.
Matt
Bronze IIHi MattParven
I have managed to setup AMIs in our AWS 'burner' accounts and share them with Immersive Labs as our 'burner' account supports unencrypted EBS storage. My issues is these accounts are reset every 21 days and not suitable for storing the AMI long term.
Our normal AWS accounts do not allow unencrypted EBS (company wide policy) and so when I share the AMI it does not work in Immersive Labs as Immersive Labs does not have the encryption key!
Is there any way to support sharing an AMI with an encrypted EBS? I guess we would need to share a key or use one of yours?
Thanks,
Rob
- MattParven
Hey hexninja . If your organization is forcing encrypted EBS and there is no way to create a long-lived AWS account to store them unencrypted, this could pose a problem.
We may look at an option to "Copy" AMI to us in the future, which would mitigate this.
However in the short term (July), we are releasing a new feature that is basically an "image library" of machines we manage that you can choose from (Kali, Reverse Engineering machine, Forensics machine, etc.). These machines allow you to upload files (like logs) without needing to build/manage the underlying machines yourself, and I think that this may suit your needs.
What type of software are you needing on the Ubuntu machine to do the log analysis, is it custom to your org or open source tools?
Matt
