RETIRED, Security Role for OpenStack-Ansible
6826bccd97
The regular expressions for max_log_file and space_left were not specific enough and the options were repeated in the auditd.conf over multiple runs of the security role. This patch makes those regular expressions more specific. A manual backport was required due to some variable namespacing work done in master. Closes-bug: 1604958 Change-Id: I56925d6b983d156543ba853b3dca846fb460949e |
||
|---|---|---|
| defaults | ||
| doc | ||
| files | ||
| handlers | ||
| meta | ||
| releasenotes | ||
| tasks | ||
| templates | ||
| tests | ||
| vars | ||
| .gitignore | ||
| .gitreview | ||
| LICENSE | ||
| other-requirements.txt | ||
| README.md | ||
| README.rst | ||
| run_tests.sh | ||
| setup.cfg | ||
| setup.py | ||
| test-requirements.txt | ||
| tox.ini | ||
| Vagrantfile | ||
openstack-ansible-security
The goal of the openstack-ansible-security role is to improve security within openstack-ansible deployments. The role is based on the Security Technical Implementation Guide (STIG) for Red Hat Enterprise Linux 6.
Requirements
This role can be used with or without the openstack-ansible role. It requires Ansible 1.8.3 at a minimum.
Role Variables
All of the variables for this role are in defaults/main.yml.
Dependencies
This role has no dependencies.
Example Playbook
Using the role is fairly straightforward:
- hosts: servers
roles:
- openstack-ansible-security
Running with Vagrant
Security Ansible can be easily run for testing using Vagrant.
To do so run:
vagrant destroy To destroy any previously created Vagrant setup
vagrant up Spin up Ubuntu Trusty VM and run ansible-security against it
License
Apache 2.0
Author Information
For more information, join #openstack-ansible on Freenode.