Ansible Automation | Apply CIS Security BenchMarking for RHEL/ CentOS 6

5 Comments



As a system/build engineer we spend lot of time on searching and applying the security recommendations for RHEL/CentOS SOE images. In this video demo is on Ansible CIS benchmark role written by Major Hayden.

This saves a lot of time and accuracy level is very high.

Thanks to Major Hayden.

source

5 Comments
    • blank
      K M
      May 10, 2022 13:24 pm Reply

      Thanks Bro , really benefited from your tutorial. Keep it up.

    • blank
      Margus Sumla
      May 10, 2022 13:24 pm Reply

      Great video. Next time check your sound levels.

    • blank
      Abhishek Sharma
      May 10, 2022 13:24 pm Reply

      Can you share the same for Ubuntu 16.04, it would be a great help if you share any link to start with.

    • blank
      Miguel Brostrom
      May 10, 2022 13:24 pm Reply

      How much configuration is necessary to make this work for Cent OS 7? Or are the benchmarks completely different.

    • blank
      Vasudev N
      May 10, 2022 13:24 pm Reply

      Hi Yogesh, thanks for the excellent job you doing. However, when I have tried to run the playbook getting below error. Please suggest where I'm doing wrong.

      [root@webserver1 cis-rhel-ansible]# ansible-playbook playbook.yml -i hosts –tags section8

      PLAY [all] *******************************************************************

      TASK [setup] *****************************************************************
      [DEPRECATION WARNING]: Accelerated mode is deprecated. Consider using SSH with ControlPersist and pipelining enabled instead.
      This feature will be removed in a future
      release. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
      [DEPRECATION WARNING]: accelerate is kept for backwards compatibility but usage is discouraged. The module documentation details page may explain more about this
      rationale..
      This feature will be removed in a future release. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
      fatal: [192.168.1.84]: FAILED! => {"failed": true, "msg": "Failed to connect to 192.168.1.84 on the accelerated port 5099"}
      to retry, use: –limit @/etc/ansible/cis-rhel-ansible/playbook.retry

      PLAY RECAP *******************************************************************
      192.168.1.84 : ok=0 changed=0 unreachable=0 failed=1

      [root@webserver1 cis-rhel-ansible]#
      [root@webserver1 cis-rhel-ansible]# cat hosts
      [rhel-6.8]
      192.168.1.84
      [root@webserver1 cis-rhel-ansible]#

      Thanks,
      Vasudev

Leave us a comment