-
Notifications
You must be signed in to change notification settings - Fork 22
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Replace inline strings with module parameters
Signed-off-by: Anže Luzar <[email protected]>
- Loading branch information
Showing
27 changed files
with
164 additions
and
82 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,54 +1,71 @@ | ||
--- | ||
|
||
- name: "SECTION | 1.1.1.x | Disable unused filesystems" | ||
ansible.builtin.import_tasks: cis_1.1.1.x.yml | ||
ansible.builtin.import_tasks: | ||
file: cis_1.1.1.x.yml | ||
|
||
- name: "SECTION | 1.1.2.x | Configure /tmp" | ||
ansible.builtin.import_tasks: cis_1.1.2.x.yml | ||
ansible.builtin.import_tasks: | ||
file: cis_1.1.2.x.yml | ||
|
||
- name: "SECTION | 1.1.3.x | Configure /var" | ||
ansible.builtin.import_tasks: cis_1.1.3.x.yml | ||
ansible.builtin.import_tasks: | ||
file: cis_1.1.3.x.yml | ||
|
||
- name: "SECTION | 1.1.4.x | Configure /var/tmp" | ||
ansible.builtin.import_tasks: cis_1.1.4.x.yml | ||
ansible.builtin.import_tasks: | ||
file: cis_1.1.4.x.yml | ||
|
||
- name: "SECTION | 1.1.5.x | Configure /var/log" | ||
ansible.builtin.import_tasks: cis_1.1.5.x.yml | ||
ansible.builtin.import_tasks: | ||
file: cis_1.1.5.x.yml | ||
|
||
- name: "SECTION | 1.1.6.x | Configure /var/log/audit" | ||
ansible.builtin.import_tasks: cis_1.1.6.x.yml | ||
ansible.builtin.import_tasks: | ||
file: cis_1.1.6.x.yml | ||
|
||
- name: "SECTION | 1.1.7.x | Configure /home" | ||
ansible.builtin.import_tasks: cis_1.1.7.x.yml | ||
ansible.builtin.import_tasks: | ||
file: cis_1.1.7.x.yml | ||
|
||
- name: "SECTION | 1.1.8.x | Configure /dev/shm" | ||
ansible.builtin.import_tasks: cis_1.1.8.x.yml | ||
ansible.builtin.import_tasks: | ||
file: cis_1.1.8.x.yml | ||
|
||
- name: "SECTION | 1.1.9 | Disable various mounting" | ||
ansible.builtin.import_tasks: cis_1.1.9.yml | ||
ansible.builtin.import_tasks: | ||
file: cis_1.1.9.yml | ||
|
||
- name: "SECTION | 1.2 | Configure Software Updates" | ||
ansible.builtin.import_tasks: cis_1.2.x.yml | ||
ansible.builtin.import_tasks: | ||
file: cis_1.2.x.yml | ||
|
||
- name: "SECTION | 1.3 | Filesystem Integrity Checking" | ||
ansible.builtin.import_tasks: cis_1.3.x.yml | ||
ansible.builtin.import_tasks: | ||
file: cis_1.3.x.yml | ||
when: amzn2023cis_config_aide | ||
|
||
- name: "SECTION | 1.4 | Secure Boot Settings" | ||
ansible.builtin.import_tasks: cis_1.4.x.yml | ||
ansible.builtin.import_tasks: | ||
file: cis_1.4.x.yml | ||
|
||
- name: "SECTION | 1.5 | Additional Process Hardening" | ||
ansible.builtin.import_tasks: cis_1.5.x.yml | ||
ansible.builtin.import_tasks: | ||
file: cis_1.5.x.yml | ||
|
||
- name: "SECTION | 1.6 | Mandatory Access Control" | ||
include_tasks: cis_1.6.1.x.yml | ||
ansible.builtin.include_tasks: | ||
file: cis_1.6.1.x.yml | ||
when: not amzn2023cis_selinux_disable | ||
|
||
- name: "SECTION | 1.7 | Command Line Warning Banners" | ||
ansible.builtin.import_tasks: cis_1.7.x.yml | ||
ansible.builtin.import_tasks: | ||
file: cis_1.7.x.yml | ||
|
||
- name: "SECTION | 1.8 | Updates and Patches" | ||
ansible.builtin.import_tasks: cis_1.8.yml | ||
ansible.builtin.import_tasks: | ||
file: cis_1.8.yml | ||
|
||
- name: "SECTION | 1.9 | Crypto policies" | ||
include_tasks: cis_1.9.yml | ||
ansible.builtin.include_tasks: | ||
file: cis_1.9.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,13 +1,17 @@ | ||
--- | ||
|
||
- name: "SECTION | 2.1 | Time Synchronization" | ||
ansible.builtin.import_tasks: cis_2.1.x.yml | ||
ansible.builtin.import_tasks: | ||
file: cis_2.1.x.yml | ||
|
||
- name: "SECTION | 2.2 | Special Purpose Services" | ||
ansible.builtin.import_tasks: cis_2.2.x.yml | ||
ansible.builtin.import_tasks: | ||
file: cis_2.2.x.yml | ||
|
||
- name: "SECTION | 2.3 | Service Clients" | ||
ansible.builtin.import_tasks: cis_2.3.x.yml | ||
ansible.builtin.import_tasks: | ||
file: cis_2.3.x.yml | ||
|
||
- name: "SECTION | 2.4 | Nonessential services removed" | ||
ansible.builtin.import_tasks: cis_2.4.yml | ||
ansible.builtin.import_tasks: | ||
file: cis_2.4.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,16 +1,21 @@ | ||
--- | ||
|
||
- name: "SECTION | 3.1.x | Disable unused network protocols and devices" | ||
ansible.builtin.import_tasks: cis_3.1.x.yml | ||
ansible.builtin.import_tasks: | ||
file: cis_3.1.x.yml | ||
|
||
- name: "SECTION | 3.2.x | Network Parameters (Host Only)" | ||
ansible.builtin.import_tasks: cis_3.2.x.yml | ||
ansible.builtin.import_tasks: | ||
file: cis_3.2.x.yml | ||
|
||
- name: "SECTION | 3.3.x | Network Parameters (host and Router)" | ||
ansible.builtin.import_tasks: cis_3.3.x.yml | ||
ansible.builtin.import_tasks: | ||
file: cis_3.3.x.yml | ||
|
||
- name: "SECTION | 3.4.1.x | Firewall configuration" | ||
ansible.builtin.import_tasks: cis_3.4.1.x.yml | ||
ansible.builtin.import_tasks: | ||
file: cis_3.4.1.x.yml | ||
|
||
- name: "SECTION | 3.4.2.x | Configure firewall" | ||
ansible.builtin.import_tasks: cis_3.4.2.x.yml | ||
ansible.builtin.import_tasks: | ||
file: cis_3.4.2.x.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.