Create new IAM User (#121)

Summary:
Pull Request resolved: #121

Cloud TTP to be opensourced

Reviewed By: l50

Differential Revision: D59925699

fbshipit-source-id: 645ec591649df951b6864f71a31c3436ee9ee548

ttps/cloud/aws/iam/create-new-iam-user/README.md

@@ -0,0 +1,43 @@
+# Create new IAM user
+
+![Meta TTP](https://img.shields.io/badge/Meta_TTP-blue)
+
+This TTP is used to create a new IAM user in AWS. It uses the AWS CLI to create a new user with the specified name.
+  If a user with given name exists, nothing is done and the TTP is closed.
+  If a user does not exist a new user is created.
+  It is also deleted during cleanup. `--no-cleanup` options should be explicity specified if we do not want the new user created to be deleted.
+
+
+## Arguments
+
+
+- **iam_user_name**: The name of the new IAM user to be created.
+
+## Steps
+
+1. Set up necessary cloud environment variables.
+2. Check if an IAM user exists with provided user name
+3. Create a new IAM user if no existing user is found with given IAM user name.
+4. By deafult during the cleanup, delete the recently created IAM user.
+
+## Manual Reproduction Steps
+
+```
+
+# Check if a user exists with provided user name
+aws iam get-user --user-name "IAM_USER_NAME"
+
+# Create a new user
+aws iam create-user --user-name "IAM_USER_NAME"
+
+# Setup persistence command in a RC SHELL script file: eg
+aws iam delete-user --user-name "IAM_USER_NAME"
+
+```
+
+## MITRE ATT&CK Mapping
+
+- **Tactics**:
+  - TA0003 Persistence
+- **Techniques**:
+  - T1098 Account Manipulation

ttps/cloud/aws/iam/create-new-iam-user/create-new-iam-user.yaml

@@ -0,0 +1,49 @@
+---
+api_version: 2.0
+uuid: 29f9ab13-4c19-410f-8638-082c7f5c4127
+name: create_iam_user
+description: |
+  This TTP is used to create a new IAM user in AWS. It uses the AWS CLI to create a new user with the specified name.
+  If a user with given name exists, nothing is done and the TTP is closed.
+  If a user does not exist a new user is created. It is also deleted during cleanup.
+  `--no-cleanup` options should be explicity specified if we do not want the new user created to be deleted.
+
+args:
+  - name: iam_user_name
+    description: The name of the new IAM user to be created.
+    default: purple_trojan
+
+mitre:
+  tactics:
+    - TA0003 Persistence
+  techniques:
+    - T1098 Account Manipulation
+
+steps:
+  - name: aws-connector
+    description: This step invokes the verifies aws creds are present and aws cli is available.
+    ttp: //helpers/cloud/aws/validate-aws-env-configured.yaml
+    args:
+      region: "{{ .Args.region }}"
+  - name: create_user_if_does_not_exist
+    description: Check if the specified IAM user exists. If not create a new one.
+    inline: |
+      echo "Checking if user {{.Args.iam_user_name}} exists..."
+      set +e
+      aws iam get-user --user-name {{.Args.iam_user_name}} 2>&1
+      user_exists=$?
+      set -e
+      if [ $user_exists -ne 0 ]; then
+        echo -e "User {{.Args.iam_user_name}} does not exist. Proceeding with creating new one... \n"
+        aws iam create-user --user-name {{.Args.iam_user_name}}
+      else
+        echo "User {{.Args.iam_user_name}} exists. Quitting..."
+        exit 1
+      fi
+    cleanup:
+      inline: |
+        user_exists=$(aws iam get-user --user-name {{.Args.iam_user_name}} 2>&1)
+        if ! [ $? -ne 0 ]; then
+          echo -e "User {{.Args.iam_user_name}} found. Proceeding with deleting the user during cleanup... \n "
+          aws iam delete-user --user-name {{.Args.iam_user_name}}
+        fi