Problem Statement
One of the primary objectives of the honeynet project is "Scalability and Flexibility" via deployment across multiple cloud providers. Currently, the repository contains foundational work for AWS, but lacks modules for other major cloud providers like Google Cloud Platform (GCP).
Proposed Solution
To fulfill the multi-cloud requirement, I propose creating a highly secure, reusable Terraform module for GCP (terraform/modules/gcp_honeypot/). This module will be completely isolated from the existing AWS codebase to prevent conflicts.
Implementation Details
To maintain a strict security posture (ensuring the honeypot cannot be used as an attack pivot), the module should include:
- Dedicated VPC & Subnet: Isolated networking with VPC Flow Logs enabled.
- Strict Firewall Rules:
  - Ingress: Allow traffic from `0.0.0.0/0` only on specific honeypot bait ports (e.g., 2222, 23, 80). Allow admin SSH only from a trusted operator CIDR.
  - Egress: Default deny-all. Allow outbound only to necessary logging endpoints/package repos (ports 443/80).
- Compute Instance: Shielded VM (Secure Boot, vTPM) running Ubuntu.
- IAM: A dedicated, least-privilege Service Account with only the `logging.logWriter` and `monitoring.metricWriter` roles.
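The following is an added sketch of what such a module could look like in Terraform; it is an illustration written for this issue, not code from the repository. Resource names, the `10.200.0.0/24` subnet range, the `e2-small` machine type and all variables (`project_id`, `region`, `zone`, `operator_cidr`, `egress_allowed_cidrs`) are assumptions. It implements the five controls above: a custom-mode VPC with flow-logging subnet, an ingress rule exposing only the bait ports to `0.0.0.0/0`, an admin SSH rule limited to the operator CIDR, a low-priority deny-all egress rule overridden by a narrow allow to logging/package endpoints, a Shielded VM, and a service account that holds only the two roles named.

```hcl
# Added example module (terraform/modules/gcp_honeypot/main.tf) - not the project's own code.
variable "project_id" { type = string }
variable "region" { type = string }
variable "zone" { type = string }
variable "operator_cidr" { type = string }         # e.g. "203.0.113.10/32" (assumed trusted operator IP)
variable "egress_allowed_cidrs" { type = list(string) } # logging endpoints / package mirrors

# Dedicated VPC: custom-mode, so no default subnets or default firewall rules appear.
resource "google_compute_network" "honeypot" {
  name                    = "honeypot-vpc"
  auto_create_subnetworks = false
}

# Subnet with VPC Flow Logs at full sampling so every attacker flow is recorded.
resource "google_compute_subnetwork" "honeypot" {
  name          = "honeypot-subnet"
  ip_cidr_range = "10.200.0.0/24"
  region        = var.region
  network       = google_compute_network.honeypot.id
  log_config {
    aggregation_interval = "INTERVAL_5_SEC"
    flow_sampling        = 1.0
    metadata             = "INCLUDE_ALL_METADATA"
  }
}

# Ingress: bait ports only, from anywhere. Real SSH (22) is deliberately absent here.
resource "google_compute_firewall" "bait_ingress" {
  name          = "honeypot-allow-bait"
  network       = google_compute_network.honeypot.name
  direction     = "INGRESS"
  target_tags   = ["honeypot"]
  source_ranges = ["0.0.0.0/0"]
  allow {
    protocol = "tcp"
    ports    = ["23", "80", "2222"]
  }
}

# Ingress: admin SSH only from the trusted operator CIDR.
resource "google_compute_firewall" "admin_ssh" {
  name          = "honeypot-allow-admin-ssh"
  network       = google_compute_network.honeypot.name
  direction     = "INGRESS"
  target_tags   = ["honeypot"]
  source_ranges = [var.operator_cidr]
  allow {
    protocol = "tcp"
    ports    = ["22"]
  }
}

# Egress: GCP allows all egress by default, so add an explicit deny at the lowest
# user priority (65534) and a higher-priority (lower number) allow for what is needed.
resource "google_compute_firewall" "deny_all_egress" {
  name               = "honeypot-deny-egress"
  network            = google_compute_network.honeypot.name
  direction          = "EGRESS"
  priority           = 65534
  target_tags        = ["honeypot"]
  destination_ranges = ["0.0.0.0/0"]
  deny { protocol = "all" }
}

resource "google_compute_firewall" "allow_egress_logging" {
  name               = "honeypot-allow-egress-logging"
  network            = google_compute_network.honeypot.name
  direction          = "EGRESS"
  priority           = 1000
  target_tags        = ["honeypot"]
  destination_ranges = var.egress_allowed_cidrs
  allow {
    protocol = "tcp"
    ports    = ["443", "80"]
  }
}

# IAM: dedicated service account bound to exactly two roles, nothing project-wide.
resource "google_service_account" "honeypot" {
  account_id   = "honeypot-sa"
  display_name = "Honeypot least-privilege service account"
}

resource "google_project_iam_member" "log_writer" {
  project = var.project_id
  role    = "roles/logging.logWriter"
  member  = "serviceAccount:${google_service_account.honeypot.email}"
}

resource "google_project_iam_member" "metric_writer" {
  project = var.project_id
  role    = "roles/monitoring.metricWriter"
  member  = "serviceAccount:${google_service_account.honeypot.email}"
}

# Compute: Shielded VM (Secure Boot + vTPM + integrity monitoring) running Ubuntu.
resource "google_compute_instance" "honeypot" {
  name         = "honeypot-vm"
  machine_type = "e2-small"
  zone         = var.zone
  tags         = ["honeypot"] # selects every firewall rule above
  boot_disk {
    initialize_params { image = "ubuntu-os-cloud/ubuntu-2204-lts" }
  }
  network_interface {
    subnetwork = google_compute_subnetwork.honeypot.id
    access_config {} # ephemeral public IP so the bait ports are reachable
  }
  shielded_instance_config {
    enable_secure_boot          = true
    enable_vtpm                 = true
    enable_integrity_monitoring = true
  }
  service_account {
    email  = google_service_account.honeypot.email
    scopes = ["cloud-platform"] # effective permissions are bounded by the two IAM roles
  }
}
```

Two points worth checking in review: the egress allow-list is only as tight as `egress_allowed_cidrs`, and package mirrors sit behind changing IP ranges, so it is safer to bake packages into the image and keep that list to the Google logging/monitoring endpoints; and the `cloud-platform` scope is fine only because the service account itself carries just the two writer roles, so any future role binding on `honeypot-sa` widens what a compromised VM can reach.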
Task Checklist