This ansible content will configure Ubuntu 14 machine to be GSA compliant.
This role will make changes to the system that could break things. This is not an auditing tool but rather a remediation tool to be used after an audit has been conducted. For compliance auditing, use a tool such as nessus or CIS-CAT
This code is based on the GSA Ubuntu 14 v1.0 and the CIS Ubuntu 14 Benchmark v2.0.0 .
You should carefully read through the tasks to make sure these changes will not break your systems before running this playbook.
There are many role variables defined in defaults/main.yml.
By default, many of the variables are turned off. Please review and adjust to meet your organizational requirements.
Note, a subset of controls were removed due to operational impact or organizational dependent variables. Those are listed here *Note: Must have a GSA account to access.
Ansible > 2.4
---
- name: Harden Server
hosts: all
become: yes
roles:
- gsa_hardening
ansible-playbook playbook.yml --connection=local
MIT