Creates infrastructure used in demonstrations of Domain Protect
- S3 website with Route53 CNAME record
- Hosted zone with Route53 NS subdomain delegation
- EC2 instance hosting website with public IP and Route53 A record
- Elastic Beanstalk OR S3 website with Cloudflare CNAME record
- demonstrate access to websites
- create similar new S3 CNAME using console
- manually destroy EC2 instance, Elastic Beanstalk Environment and hosted zone
- Domain Protect should detect vulnerabilities and send alerts
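
What the last step is looking for, as an added example (not Domain Protect's code and not part of this repository): after the manual destroy, DNS records still point at resources that no longer exist. The record names, targets and the `live` snapshot are constructed sample data, and `find_dangling` is a hypothetical helper.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Record:
    name: str
    rtype: str   # "CNAME", "NS" or "A"
    target: str

def find_dangling(records, live):
    """Return (name, reason) for each record whose target is absent from
    `live`, a snapshot of the resources that still exist in the accounts."""
    findings = []
    for r in records:
        target = r.target.rstrip(".").lower()
        if r.rtype == "CNAME" and ".s3-website" in target:
            kind, known = "S3 website", live["s3_endpoints"]
        elif r.rtype == "CNAME" and target.endswith(".elasticbeanstalk.com"):
            kind, known = "Elastic Beanstalk environment", live["eb_cnames"]
        elif r.rtype == "NS":
            kind, known = "delegated hosted zone", live["zone_name_servers"]
        elif r.rtype == "A":
            kind, known = "EC2 public IP", live["public_ips"]
        else:
            continue  # record type not covered by this demo
        if target not in known:
            findings.append((r.name, f"{kind} no longer exists: {target}"))
    return findings

# Constructed records mirroring the four demo resources.
RECORDS = [
    Record("s3.example.com", "CNAME",
           "s3.example.com.s3-website-eu-west-1.amazonaws.com"),
    Record("sub.example.com", "NS", "ns-1.awsdns-00.com."),
    Record("ec2.example.com", "A", "203.0.113.10"),
    Record("eb.example.net", "CNAME",
           "demo-env.eu-west-1.elasticbeanstalk.com"),
]

# Constructed snapshot after the manual destroy step: only the S3 website
# is left; the EC2 instance, Beanstalk environment and hosted zone are gone.
LIVE_AFTER_DESTROY = {
    "s3_endpoints": {"s3.example.com.s3-website-eu-west-1.amazonaws.com"},
    "eb_cnames": set(),
    "zone_name_servers": set(),
    "public_ips": set(),
}

if __name__ == "__main__":
    for name, reason in find_dangling(RECORDS, LIVE_AFTER_DESTROY):
        print(f"ALERT {name}: {reason}")
```
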
- AWS Org with Domain Protect installed
- AWS Account with Route53 hosted zone, e.g. example.com
- AWS user with deployment permissions and keys
- Cloudflare account being scanned by Domain Protect
- Cloudflare DNS zone, e.g. example.net
- Cloudflare API key or API token for deployment
- duplicate backend.tf.example and terraform.tfvars.example
- rename without the example suffix
- enter details for your environment
- the base_domain must correspond to a Route53 hosted zone in your AWS account
terraform init
terraform workspace new demo
terraform plan
terraform apply
- by default the Cloudflare DNS entry will point to an Elastic Beanstalk application
- to deploy an S3 bucket instead of Elastic Beanstalk, in your tfvars file add:
cloudflare_demo = "s3"
- destroy immediately after the demo to avoid excessive costs
terraform destroy (yes to confirm)