Addressed some CR comments and improved README's and firewall rules a bit

envs/monkey_maker/README.md

@@ -13,7 +13,7 @@ To setup you need to put `accessKeys` file into `./aws_keys` directory.
 
 Contents of `accessKeys` file should be as follows:
 
-```
+```ini
 [default]
 aws_access_key_id = <...>
 aws_secret_access_key = <...>
@@ -21,12 +21,12 @@ aws_secret_access_key = <...>
 Also review `./terraform/config.tf` file.
 
 Launch the environment by going into `terraform` folder and running
-```angular2html
+```
 terraform init
 terraform apply
 ```
 
-### Usage
+## Usage
 
 To login to windows use Administrator: %HwuzI!Uzsyfa=cB*XaQ6xxHqopfj)h) credentials
 

envs/os_compatibility/README.md

@@ -29,8 +29,9 @@ terraform apply
 
 ## Usage
 
+0. Add your machine's IP to the `os_compat_island` security group ingress rules.
 1. Launch os_compat_ISLAND machine and upload your binaries/update island. Reset island environment.
-2. Launch/Reboot all other os_compat test machines (Can be filtered with tag "Puropose: os_compat_instance")
+2. Launch/Reboot all other os_compat test machines (Can be filtered with tag "Purpose: os_compat_instance")
 3. Wait until machines boot and run monkey
 4. Launch `test_compatibility.py` pytest script with island ip parameter 
 (e.g. `test_compatibility.py --island 111.111.111.111:5000`)
@@ -58,3 +59,20 @@ A quick reference for usernames on different machines (if in doubt check officia
 - CentOS: centos
 - Everything else: ec2-user
 
+To manually verify the machine is compatible use commands to download and execute the monkey.
+
+Example commands:
+ - Powershell:
+```cmd
+[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
+Set-MpPreference -DisableRealtimeMonitoring $true -ErrorAction SilentlyContinue
+Invoke-WebRequest -Uri 'https://10.0.0.251:5000/api/monkey/download/monkey-windows-64.exe' -OutFile 'C:\windows\temp\monkey-windows-64.exe' -UseBasicParsing
+C:\windows\temp\monkey-windows-64.exe m0nk3y -s 10.0.0.251:5000
+```
+
+ - Bash:
+```shell script
+wget --no-check-certificate -q https://10.0.0.251:5000/api/monkey/download/monkey-linux-64 -O ./monkey-linux-64 || curl https://10.0.0.251:5000/api/monkey/download/monkey-linux-64 -k -o monkey-linux-64
+chmod +x ./monkey-linux-64
+./monkey-linux-64 m0nk3y -s 10.0.0.251:5000
+```

envs/os_compatibility/terraform/infra.tf

@@ -43,7 +43,7 @@ resource "aws_subnet" "main" {
   }
 }
 
-resource "aws_security_group" "os_compat_islad" {
+resource "aws_security_group" "os_compat_island" {
   name        = "os_compat_island"
   description = "Allow remote access to the island"
   vpc_id      = "${aws_vpc.os_compat_vpc.id}"
@@ -52,7 +52,7 @@ resource "aws_security_group" "os_compat_islad" {
     from_port   = 0
     to_port     = 0
     protocol    = "-1"
-    cidr_blocks = ["0.0.0.0/0"]
+    cidr_blocks = ["10.0.0.0/24"]
   }
 
   egress {
@@ -69,7 +69,7 @@ resource "aws_security_group" "os_compat_islad" {
 
 resource "aws_security_group" "os_compat_instance" {
   name        = "os_compat_instance"
-  description = "Disables remote access to vulnerable instances"
+  description = "Allow remote access to the machines"
   vpc_id      = "${aws_vpc.os_compat_vpc.id}"
 
   ingress {

envs/os_compatibility/terraform/instances.tf

@@ -11,7 +11,7 @@ resource "aws_instance" "island" {
   tags = {
     Name = "os_compat_ISLAND"
   }
-  vpc_security_group_ids = ["${aws_security_group.os_compat_islad.id}"]
+  vpc_security_group_ids = ["${aws_security_group.os_compat_island.id}"]
   associate_public_ip_address = true
   root_block_device {
     volume_size           = "30"