MVP - AMI - Rework build AMI workflow to omit the use of a base AMI

[Enaraque]

Description

For this MVP, we are going to change the way the current workflow is working.

Currently, the workflow creates an EC2 instance using the allocator, which utilizes a pre-created base AMI. This AMI already has several configurations in place, such as the Wazuh logo, the wazuh-user user, and the cloud-cfg.
This configuration is done using the script mentioned in the spike:

generate_base_ami.sh

#!/bin/sh

set -euxo pipefail

# Define paths
CLOUD_CFG_PATH="/etc/cloud/cloud.cfg"
SSH_CONFIG_PATH="/etc/ssh/sshd_config"

# Define user and password
WAZUH_USER="wazuh-user"
WAZUH_PASSWORD="wazuh"

# Define SSH port
SSH_PORT="22"

WAZUH_LOGO="
#!/bin/sh
cat << EOF


wwwwww.           wwwwwww.          wwwwwww.
wwwwwww.          wwwwwww.          wwwwwww.
 wwwwww.         wwwwwwwww.        wwwwwww.
 wwwwwww.        wwwwwwwww.        wwwwwww.
  wwwwww.       wwwwwwwwwww.      wwwwwww.
  wwwwwww.      wwwwwwwwwww.      wwwwwww.
   wwwwww.     wwwwww.wwwwww.    wwwwwww.
   wwwwwww.    wwwww. wwwwww.    wwwwwww.
    wwwwww.   wwwwww.  wwwwww.  wwwwwww.
    wwwwwww.  wwwww.   wwwwww.  wwwwwww.
     wwwwww. wwwwww.    wwwwww.wwwwwww.
     wwwwwww.wwwww.     wwwwww.wwwwwww.
      wwwwwwwwwwww.      wwwwwwwwwwww.
      wwwwwwwwwww.       wwwwwwwwwwww.      oooooo
       wwwwwwwwww.        wwwwwwwwww.      oooooooo
       wwwwwwwww.         wwwwwwwwww.     oooooooooo
        wwwwwwww.          wwwwwwww.      oooooooooo
        wwwwwww.           wwwwwwww.       oooooooo
         wwwwww.            wwwwww.         oooooo


         WAZUH Open Source Security Platform
                  https://wazuh.com


EOF
"

function modify_cloud_cfg() {
    sed -i "s/gecos: .*$/gecos: WAZUH AMI/" "$CLOUD_CFG_PATH"
    sed -i "s/name: .*$/name: $WAZUH_USER/" "$CLOUD_CFG_PATH"
    sed -i "/set-hostname/d" "$CLOUD_CFG_PATH"
    sed -i "s/update-hostname/preserve_hostname: true/" "$CLOUD_CFG_PATH"

    sudo cloud-init clean
    sudo cloud-init init
    sudo cloud-init modules --mode=config
    sudo cloud-init modules --mode=final
}

function modify_hostname() {
    sudo hostnamectl set-hostname wazuh-server
}

function delete_ec2user() {
    sudo userdel -r ec2-user || true
}

function set_ssh_port {
    if grep -q '^Port' "${SSH_CONFIG_PATH}"; then
        CURRENT_SSH_PORT=$(grep '^Port' "${SSH_CONFIG_PATH}" | awk '{print $2}')
        if [ "$CURRENT_SSH_PORT" != "$SSH_PORT" ]; then
            sudo sed -i "s/^Port .*/#Port $SSH_PORT/" "${SSH_CONFIG_PATH}"
            sudo systemctl restart sshd.service
        fi
    fi
}

function set_wazuh_logo() {
    echo "$WAZUH_LOGO" > /etc/update-motd.d/40-wazuh-banner 
}

function clean_up() {
    sudo yum clean all
    sudo rm -rf /var/log/*
    sudo rm -rf /tmp/*
    sudo rm -rf /var/cache/yum/*
    sudo rm  ~/.ssh/*
    sudo yum autoremove
    sudo rm -rf /root/.ssh/*
    cat /dev/null > /root/.bash_history && history -c && exit
    cat /dev/null > ~/.bash_history && history -c && exit
}

modify_cloud_cfg
modify_hostname
delete_ec2user
set_wazuh_logo
set_ssh_port
clean_up

We need to change this so that, in the same workflow, it will no longer be necessary to work with a custom AMI. Instead, using the base AL2023 AMI from AWS, we should be able to perform both the initial configuration (script) and the configuration currently being done in the workflow.

DRI

@teddytpc1