Leveraging Terraform to automatically set up target resources
At this point, we should already have a few resources (such as the QLDB ledger database and the S3 bucket where we stored our flags) created in our account. In this section, we will use Terraform to set up a few more resources to complete the IAM privilege escalation lab.
Here’s an overview of the resources we’ll create and configure in this section:
Figure 7.23 – The resources we will create and configure using Terraform
Given that our lab environment should mimic an ML workshop environment, we will create and configure (1) an IAM user for accessing the workshop environment and (2) a SageMaker notebook instance with the relevant workshop files, including the Jupyter Notebook .ipynb file, already downloaded inside the instance. Here, the workshop IAM user should only have the permissions to list and access the available SageMaker notebook instances. In addition to...
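The following Terraform sketch is an added example, not the book's own lab code. It shows one way to express the workshop IAM user's list-and-access permissions described above as a narrowly scoped policy. The user name, policy name, region default and notebook instance name are hypothetical, and the sketch covers only the permissions stated in this paragraph.

```hcl
# Added example: all names and defaults below are assumptions, not values from the lab.
variable "region" {
  type    = string
  default = "us-east-1" # assumed region
}

variable "notebook_instance_name" {
  type    = string
  default = "workshop-notebook" # hypothetical notebook instance name
}

provider "aws" {
  region = var.region
}

data "aws_caller_identity" "current" {}

resource "aws_iam_user" "workshop" {
  name = "workshop-user" # hypothetical user name
}

data "aws_iam_policy_document" "workshop" {
  # Listing notebook instances cannot be scoped to a single resource.
  statement {
    sid       = "ListNotebookInstances"
    actions   = ["sagemaker:ListNotebookInstances"]
    resources = ["*"]
  }

  # Describing and opening a notebook is limited to the one workshop instance.
  statement {
    sid = "OpenWorkshopNotebook"
    actions = [
      "sagemaker:DescribeNotebookInstance",
      "sagemaker:CreatePresignedNotebookInstanceUrl",
    ]
    resources = [
      "arn:aws:sagemaker:${var.region}:${data.aws_caller_identity.current.account_id}:notebook-instance/${var.notebook_instance_name}",
    ]
  }
}

resource "aws_iam_user_policy" "workshop" {
  name   = "workshop-notebook-access" # hypothetical policy name
  user   = aws_iam_user.workshop.name
  policy = data.aws_iam_policy_document.workshop.json
}
```

Running `terraform plan` against this configuration shows the rendered policy JSON, which makes it easy to confirm that the user holds no IAM or role-passing actions before anything is applied.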