Ansible for installing Threatstack Agent
Ruby
Latest commit 41c9d63 Dec 7, 2016 @tmclaugh tmclaugh committed on GitHub Merge pull request #21 from threatstack/multi-ruleset
Add multiple ruleset handling to test framework.
Permalink
Failed to load latest commit information.
defaults
handlers
meta
tasks
templates
tests
.gitignore
.kitchen.yml Add multiple ruleset handling to test framework. Dec 7, 2016
.travis.yml
Gemfile Add missing gem Nov 18, 2016
LICENSE
README.md

README.md

Threat Stack Ansible Role

Build Status

Ansible Role to deploy the Threat Stack server agent.

Threatstack @ Ansible Galaxy

Platforms

  • Amazon Linux
  • CentOS
  • RedHat
  • Ubuntu

Role Variables

The following variables are available for override.

threatstack_deploy_key:         # Required. Your Cloud Sight API Key
threatstack_ruleset:            # The Agent's rule set, will default to "Default Rule Set".
                                # Define multiple rule sets using a comma seperated list.
threatstack_pkg_url:            # Location of package repo. Only change if you mirror your own.
threatstack_pkg:                # name of package. Specify package version using "threatstack-agent=X.Y.Z"
threatstack_hostname:           # The display hostname in the Threat Stack UI
threatstack_configure_agent:    # Optionally do not configure the host, just install package
threatstack_agent_config_args:  # Pass optional configuration arguments during agent registration.

Install

Using ansible galaxy, best for ad-hoc command situations:

$ ansible-galaxy install threatstack.threatstack-ansible

To install into your playbook roles, use -p ROLES_PATH or --path=ROLES_PATH

$ ansible-galaxy install threatstack.threatstack-ansible -p /your/project/root/roles

Check out: Advanced Control over Role Requirements Files

Examples

1) Install Threat Stack agent with the default rule set and reports system hostname to threatstack. This is the most basic configuration

- hosts: all
  roles:
    - { role: threatstack.threatstack-ansible, threatstack_deploy_key: XXXXXXXXXXXXX}

2) Install Threat Stack agent with custom security rules set and custom hostname:

- hosts: web-servers
  roles:
    - role: threatstack.threatstack-ansible
      threatstack_deploy_key: XXXXXXXXXXXXX
      threatstack_ruleset: "Base Rule Set, Custom Rule Set"
      threatstack_hostname: dev_web01_us-east-1c

3) Install the Threat Stack agent but do not configure it. NOTE: Useful for configuring a base image to be repeatedly deployed with the agent pre-installed.

- hosts: aws-image
  roles:
    - role: threatstack.threatstack-ansible
      threatstack_configure_agent: false

4) Install a particular version of the Threat Stack agent. Use in situations where you perform controlled rollouts of all new package versions.

- hosts: hosts
  roles:
    - role: threatstack.threatstack-ansible
      threatstack_deploy_key: XXXXXXXXXXXXX
      threatstack_pkg: threatstack-agent=1.4.4.0ubuntu14.0

Dependencies

None

License

Apache 2.0

Author Information

Apollo Catlin apollo@threatstack.com Use github issues for bugs in this repo.