How to deploy with Terraform
Follow the steps below to deploy the platform using Terraform.
Step-by-Step Guide
-
Clone the Repository:
Clone the / Forensic Acquisition and Investigation Deployment Templates from GitHub:
GitHub Repo -
Navigate to the Deployment Directory:
Go to the root aws_v2 folder within the cloned repository. -
Configure Deployment Settings:
Modify theawsVars.tfvarsfile to match your deployment needs. This file contains key variables for your deployment configuration. -
Initialize Terraform:
Run the following command to initialize the Terraform working directory:terraform init -
Preview the Deployment Plan:
To review the configuration and ensure everything is set up correctly, run:terraform plan -var-file="awsVars.tfvars" -
Deploy the Infrastructure:
When ready to deploy, run:terraform apply -var-file="awsVars.tfvars"Note: If you're using Windows, avoid running this command in PowerShell as it may not handle quotes properly. Use the Command Prompt instead.
Key Parameters
| Parameter Name | Value | Description |
|---|---|---|
region | (AWS region) | AWS region for deploying / Forensic Acquisition and Investigation, e.g., us-east-1. |
key_name | (key pair name) | SSH key pair for accessing the / Forensic Acquisition and Investigation instance (optional, but useful for troubleshooting). |
ami_id | (AMI ID) | Contact / Forensic Acquisition and Investigation Sales or view the update JSON to get the appropriate AMI ID for your region. |
public_deployment | True or False | Set to True for public IP access. Set to False to deploy behind an ALB with a DNS URL. |
certificate_arn | (ARN) | ARN of the certificate to assign to the ALB (required if public_deployment is False). |
tags | (key-value map) | Tags for organizing and identifying your AWS resources. |
vm_size | m5.4xlarge | Choose your instance type (default: m5.4xlarge). |
vol_size | (disk size in GB) | The disk size for the instance (default: 100 GB). |
ssh_location | (CIDR range) | IP address or range allowed for SSH access (recommended to restrict to specific IPs). |
http_location | (CIDR range) | IP address or range allowed for HTTPS access (recommended to restrict to specific IPs). |
custom_networking | (optional) | For custom VPC deployments. Specify VPC and subnet IDs if deploying in an existing network setup. |
proxy | (proxy URL) | Optional: URL of the proxy server to use for outbound connections. |
proxy_cert_url | (certificate URL) | Optional: URL to download the proxy certificate, if needed. |
Deploying into Custom Networking
For custom networking configurations:
- For Public deployments, supply
vpc_idandpublic_subnet_id. - For Private deployments, supply
vpc_id,public_subnet_id,public_subnet_b_id, andprivate_subnet_id.
With private deployments, please note that the 'public' subnet variables are referring overall to the subnet that will be the gateway of sorts for the private subnet id's - and not a literal public-facing subnet.
Final Steps
-
Initialize the Platform:
Once the infrastructure is deployed, a one-time initialization process will begin. The entire deployment and initialization process typically takes 10-15 minutes. -
Log into / Forensic Acquisition and Investigation:
After deployment, log into the the platform. The initial username isadmin, and the password is the instance ID of your deployed platform. You’ll be prompted to change your password upon first login.
Log into Cado -
Import a License:
You will also need to import a license file (in JSON format) after logging in.
Identifying the AMI ID
To find the latest AMI ID for the / Forensic Acquisition and Investigation platform, visit the following link:
View Latest AMIs