resource "random_password" "http-cs-teamserver-password" {
override_special = "@%)-_+[}:"
user = var.cs-http-c2-user
subnet_id = var.private_subnet_id
instance_type = var.instance_type
security_groups = var.base-internal-security_groups
security_groups_inbound_http = var.base-public-security_groups
depends_on = [module.http-c2]
user = var.cs-http-c2-user
subnet_id = var.public_subnet_id
instance_type = var.instance_type
security_groups = var.base-public-security_groups
redirect_to = module.http-c2.http-c2-private-ip
module "http-rdir-A-records" {
source = "../create-dns-record"
depends_on = [module.http-rdir]
domain = local.cs-http-c2-tld
(var.cs-http-c2-domain) = module.http-rdir.http-rdr-public-ip
module "http-c2-create-certs" {
source = "../letsencrypt/create-cert-dns"
depends_on = [module.http-rdir-A-records]
domain = var.cs-http-c2-domain
subject_alternative_names = {
(var.cs-http-c2-domain) = ["*.${var.cs-http-c2-domain}"]
reg_email = "${var.cs-http-c2-user}@${local.cs-http-c2-tld}"
module "http-c2-ansible"{
source = "../../ansible/cobalt-strike"
depends_on = [module.http-c2, module.http-c2-create-certs]
ansible-user = var.cs-http-c2-user
ip = module.http-c2.http-c2-private-ip
domain = var.cs-http-c2-domain
bind-address = module.http-rdir.http-rdr-public-ip
c2-profile = var.c2-profile
cs-license = var.cs-license
teamserver-password = random_password.http-cs-teamserver-password.result