ansible/ansible-lockdown

Name: ansible-lockdown

Owner: Ansible

Description: Ansible playbook roles for security

Created: 2015-01-27 17:04:25.0

Updated: 2018-01-15 07:02:35.0

Pushed: 2018-01-08 18:11:07.0

Homepage: null

Size: 136

Language: null

GitHub Committers

UserMost Recent Commit# Commits

Other Committers

UserEmailMost Recent Commit# Commits

README

Ansible Lockdown
Intro

Ansible Lockdown is a collection of Ansible roles related to security automation. All roles included in this project must meet the contribution guidelines.

Some roles referenced in this project are a collaborative effort between Ansible and our IT Security partner MindPoint Group to provide you with thorough, vetted, and trusted security roles that you can integrate with any of your existing playbooks or as the building blocks for completely new playbooks. Other roles included in this project, while not vetted by MindPoint Group, have been deemed by the maintainers and community to meet the contribution guidelines.

The initial effort is for the development of roles centered around STIG and CIS benchmark baselines. Based on community feedback we'll then proceed with other security guidelines for additional operating systems and applications.

Community

Most of the communication around the project happens on the mailing list. That is best way to stay up to date with what is happening with the project.

For faster feedback, there is an #ansible-lockdown IRC channel on Freenode.

Instructions

In order to use the roles you should first ensure that you have Ansible installed.

To clone the entire project and use the included playbooks:

git clone --recursive https://github.com/ansible/ansible-lockdown.git

You can also install the roles individually from Ansible Galaxy.

STIGS

The standards are pulled directly from DISA.

CIS

The standards are pulled directly from CIS.

Contributing

Contributions to Ansible Lockdown and roles referenced here will follow a similar process to the main Ansible project. Fork the repository, make changes, and submit a pull request. Pull requests should not contain any merges or merge conflicts.

Feature requests and bug reports should all be opened on the project page for the individual role, not here.

Current Build Statuses for Security Roles

| Standard | OS | Repo | Galaxy Link | Status | | ————-|————–|————–|————————–|————————–| | DISA STIG | RHEL 6 | GitHub | RHEL6-STIG | TBD | | DISA STIG | RHEL 7 | GitHub | RHEL7-STIG | Build Status |

This work is supported by the National Institutes of Health's National Center for Advancing Translational Sciences, Grant Number U24TR002306. This work is solely the responsibility of the creators and does not necessarily represent the official views of the National Institutes of Health.