Skip to content

Ansible role to apply CIS security rules fixes to Red Hat Linux systems

License

Notifications You must be signed in to change notification settings

geoffstratton/ansible-cis-redhat

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Role Name

ansible-cis-redhat

Description

Ansible role to apply the CIS 2.0 security rule fixes to a Red Hat Linux 7 system.

This role was developed and tested on a Mint 20.2 system using Molecule 3. Some ideas for testing these rules with container are provided here but you'll need to modify these for your own environment. (Using containers on a Red Hat host with an active subscription is strongly recommended.) A Molecule setup, simple Dockerfile for the Docker driver and Red Hat 7 and 8 containers from Red Hat's Container Registry are included as well.

Molecule 3 changed the default verifier to Ansible (from testinfra). A basic test setup for Molecule 3 is included as well.

Full instructions for setting up this environment are available at GeoffStratton.com.

To use official RHEL images you'll need to generate a Red Hat Container Registry service account. (Yes, you can do this with the free Red Hat Developer subscription.) You'll then need to provide your username and password token to the molecule.yml file; I just used shell variables but you could also use a CI/CD tool like Travis or other methods.

Requirements

  • ansible
  • molecule
  • python

License

GNU General Public License v3.0

Author Information

Geoff Stratton

About

Ansible role to apply CIS security rules fixes to Red Hat Linux systems

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages