Ansible role for security hardening
ac1093f98d
This commit adds an initial Vagrant setup that will run the security ansible tests in check mode against a clean Ubuntu Trusty 64 image. Change-Id: If5499dd111c66b9888d3fbc0772c568ef08954f5 Co-Authored-By: Rob Clark <robert.clark@hpe.com> Co-Authored-By: Eric Brown <browne@vmware.com> |
||
|---|---|---|
| defaults | ||
| doc | ||
| files | ||
| handlers | ||
| meta | ||
| tasks | ||
| templates | ||
| tests | ||
| vars | ||
| .gitignore | ||
| .gitreview | ||
| LICENSE | ||
| README.md | ||
| README.rst | ||
| run_tests.sh | ||
| setup.cfg | ||
| setup.py | ||
| test-requirements.txt | ||
| tox.ini | ||
| Vagrantfile | ||
openstack-ansible-security
The goal of the openstack-ansible-security role is to improve security within openstack-ansible deployments. The role is based on the Security Technical Implementation Guide (STIG) for Red Hat Enterprise Linux 6.
Requirements
This role can be used with or without the openstack-ansible role. It requires Ansible 1.8 at a minimum.
Role Variables
All of the variables for this role are in defaults/main.yml.
Dependencies
This role has no dependencies.
Example Playbook
Using the role is fairly straightforward:
- hosts: servers
roles:
- openstack-ansible-security
Running with Vagrant
Security Ansible can be easily run for testing using Vagrant.
To do so run:
vagrant destroy To destroy any previously created Vagrant setup
vagrant up Spin up Ubuntu Trusty VM and run ansible-security against it
License
Apache 2.0
Author Information
For more information, join #openstack-ansible on Freenode.