openstack/openstack-ansible
Code Issues Proposed changes
Files
a478d7af25b4081b38babd074f8eb2159e7a72c4
openstack-ansible/doc/source/user/security/hardening.rst
Dmitriy Chubinidze cce02da19d [doc] Fix missing security-hardening by switching to FQCN 
The playbook security-hardening.yml could not be found, so update the commands to use the fully qualified collection name (FQCN)

Change-Id: I53d3ce527df483ffc8d582ba3343aa063f6e5887
Signed-off-by: Dmitriy Chubinidze <dcu995@gmail.com>
2025-09-03 23:46:59 +00:00

1.0 KiB
Raw Blame History

Apply ansible-hardening

The ansible-hardening role is applicable to physical hosts within an OpenStack-Ansible deployment that are operating as any type of node, infrastructure or compute. By default, the role is enabled. You can disable it by changing the value of the apply_security_hardening variable in the user_variables.yml file to false:

apply_security_hardening: false

You can apply security hardening configurations to an existing environment or audit an environment by using a playbook supplied with OpenStack-Ansible:

# Apply security hardening configurations
  openstack-ansible openstack.osa.security_hardening

# Perform a quick audit by using Ansible's check mode
  openstack-ansible --check openstack.osa.security_hardening

For more information about the security configurations, see the security hardening role documentation.