added sample packer code

ami/Makefile

@@ -0,0 +1,20 @@
+KUBERNETES_VERSION ?= 1.10.3
+
+DATE ?= $(shell date +%Y-%m-%d)
+
+# Defaults to Amazon Linux 2  AMI
+# * use the us-east-1 image
+# https://aws.amazon.com/amazon-linux-2/release-notes/
+SOURCE_AMI_ID ?= ami-b70554c8
+
+AWS_DEFAULT_REGION = us-east-1
+
+PACKER_CONFIG_FILE = my-aws-security-arsenal-packer-config.json
+
+all: ami
+
+validate:
+	packer validate $(PACKER_CONFIG_FILE)
+
+ami: validate
+	packer build -var source_ami_id=$(SOURCE_AMI_ID) $(PACKER_CONFIG_FILE)

ami/README.md

@@ -0,0 +1,52 @@
+# Create an AMI with all security tools in the arsenal list
+
+Configuration scripts for building a custom Amazon AMI with [HashiCorp Packer](https://www.packer.io/).
+
+**NOT WORKING YET** 	
+Still in development
+
+## Setup
+
+* You must have [Packer](https://www.packer.io/) installed on your local system.
+For more information, see [Installing Packer](https://www.packer.io/docs/install/index.html)
+in the Packer documentation.
+
+* You must also have AWS account credentials configured so that Packer can make
+calls to AWS API operations on your behalf. For more information, see [Authentication](https://www.packer.io/docs/builders/amazon.html#specifying-amazon-credentials)
+in the Packer documentation.
+
+**Note**
+
+The default region used is to build this AMI is `us-east-1` and the instance
+type is a `t2.medium` (4GB RAM, 2vCPUs, EBS only and $0.046400 hourly) and does
+not qualify for the AWS free tier. You are charged for any instances created
+when building this AMI. The base AMI used is `ami-b70554c8`, Amazon Linux 2.
+
+## Building the AMI
+
+A Makefile is provided to build the AMI, but it is just a small wrapper around
+invoking Packer directly. You can initiate the build process by running the
+following command in the root of this repository:
+
+```bash
+make
+```
+
+The Makefile runs Packer with the `my-aws-security-arsenal-packer-config.json`
+build specification template and the [amazon-ebs](https://www.packer.io/docs/builders/amazon-ebs.html)
+builder. An instance is launched and the Packer [Shell
+Provisioner](https://www.packer.io/docs/provisioners/shell.html) runs the
+`install-tools.sh` script on the instance to install software and perform other
+necessary configuration tasks.  Then, Packer creates an AMI from the instance
+and terminates the instance after the AMI is created.
+
+## Using the AMI
+
+If you are just getting started with security tools, visit [https://github.com/toniblyx/my-arsenal-of-aws-security-tools](https://github.com/toniblyx/my-arsenal-of-aws-security-tools)
+and get familiar with every tool that you are interested in.
+
+Launch an instance with the new AMI ID that is returned when Packer finishes building.
+
+## Reference
+
+Some code is taken as reference from here [https://github.com/awslabs/amazon-eks-ami](https://github.com/awslabs/amazon-eks-ami)

ami/install-tools.sh

@@ -0,0 +1,61 @@
+#!/usr/bin/env bash
+
+set -o pipefail
+set -o nounset
+set -o errexit
+IFS=$'\n\t'
+
+TEMPLATE_DIR=${TEMPLATE_DIR:-/tmp/arsenal}
+
+################################################################################
+### Packages ###################################################################
+################################################################################
+
+# Update the OS to begin with to catch up to the latest packages.
+sudo yum update -y
+
+# Install necessary packages
+sudo yum install -y \
+    aws-cfn-bootstrap \
+    conntrack \
+    curl \
+    git \
+    socat \
+    unzip \
+    wget
+
+curl "https://bootstrap.pypa.io/get-pip.py" -o "get-pip.py"
+sudo python get-pip.py
+rm get-pip.py
+sudo pip install --upgrade awscli
+
+################################################################################
+### Docker #####################################################################
+################################################################################
+
+sudo yum install -y yum-utils device-mapper-persistent-data lvm2
+sudo amazon-linux-extras enable docker
+sudo yum install -y docker-17.06*
+sudo usermod -aG docker $USER
+
+# Clean up yum caches to reduce the image size
+sudo yum clean all
+
+# Enable docker daemon to start on boot.
+sudo systemctl daemon-reload
+sudo systemctl enable docker
+
+################################################################################
+### AWS Security Arsenal #######################################################
+################################################################################
+# get the latest list of tools from https://github.com/toniblyx/my-arsenal-of-aws-security-tools
+# and clone them in to the /opt/arsenal directory
+git clone https://github.com/toniblyx/my-arsenal-of-aws-security-tools
+cd my-arsenal-of-aws-security-tools
+# skipping RhinoSecurityLabs/pacu since it is not public yet and billing alerts CFN templates
+TOOLS_URL_LIST=$(grep github.com README.md |awk -F '[' '{ print $2 }'| awk -F ']' '{ print $1 }' | grep -v pacu$|grep -v btkrausen)
+sudo mkdir -p /opt/arsenal
+cd /opt/arsenal
+for tool_url in $TOOLS_URL_LIST; do
+  sudo git clone $tool_url
+done

ami/manifest.json

@@ -0,0 +1,13 @@
+{
+  "builds": [
+    {
+      "name": "amazon-ebs",
+      "builder_type": "amazon-ebs",
+      "build_time": 1533335897,
+      "files": null,
+      "artifact_id": "us-east-1:ami-05bbc777606893c06",
+      "packer_run_uuid": "d64c8557-ff41-86f1-c9a5-511a79216c9e"
+    }
+  ],
+  "last_run_uuid": "d64c8557-ff41-86f1-c9a5-511a79216c9e"
+}

ami/my-aws-security-arsenal-packer-config.json

@@ -0,0 +1,65 @@
+{
+  "variables": {
+    "aws_region": "us-east-1",
+    "ami_name": "My-AWS-Security-Arsenal-v0.1-{{timestamp}}",
+    "creator": "toni@blyx.com",
+    "instance_type": "t2.medium",
+    "source_ami_id": "ami-b70554c8"
+  },
+
+  "builders": [
+    {
+      "type": "amazon-ebs",
+      "region": "{{user `aws_region`}}",
+      "source_ami": "{{user `source_ami_id`}}",
+      "source_ami_filter": {
+        "filters": {
+          "architecture": "x86_64",
+          "name": "amzn2-ami-hvm-*",
+          "owner-id": "137112412989",
+          "root-device-type": "ebs",
+          "state": "available",
+          "virtualization-type": "hvm"
+        },
+        "most_recent": true
+      },
+      "instance_type": "{{user `instance_type`}}",
+      "launch_block_device_mappings": [
+        {
+          "device_name": "/dev/xvda",
+          "volume_type": "gp2",
+          "volume_size": 20,
+          "delete_on_termination": true
+        }
+      ],
+      "ssh_username": "ec2-user",
+      "ssh_pty": true,
+      "run_tags": {
+          "creator": "{{user `creator`}}"
+      },
+      "tags": {
+          "created": "{{timestamp}}"
+      },
+      "ami_name": "{{user `ami_name`}}",
+      "ami_description": "My AWS Security Arsenal AMI with AmazonLinux2 image - toni@blyx.com"
+    }
+  ],
+
+  "provisioners": [
+    {
+      "type": "shell",
+      "inline": ["mkdir -p /tmp/arsenal/"]
+    },
+    {
+      "type": "shell",
+      "script": "install-tools.sh"
+    }
+  ],
+  "post-processors": [
+    {
+      "type": "manifest",
+      "output": "manifest.json",
+      "strip_path": true
+    }
+  ]
+}