
https://github.com/dgibbs64/ansible-role-mdatp


# mdatp

An [Ansible](https://www.ansible.com) role that installs and configures Microsoft Defender for Endpoint on Linux.



## About

Microsoft Defender for Endpoint on Linux is a unified endpoint security platform that helps stop breaches. It is designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats.

## Requirements

Requires a Microsoft Defender for Endpoint license. You will also need to download `WindowsDefenderATPOnboardingPackage.zip` from the Microsoft Defender Security Center. Instructions found here.

### Supported Distros

- AlmaLinux >= 8
- AmazonLinux 2023
- CentOS >= 8
- Debian >= 9
- Fedora >= 33
- OracleLinux >= 8
- Red Hat Enterprise Linux >= 8
- Rocky Linux >= 8
- Ubuntu >= 20.04

## Role Variables

```yaml
# Enable apt-mark hold
mdatp_apt_package_version_hold: false
# Test connectivity to Microsoft
mdatp_connectivity_test: false
# Test health of MDATP
mdatp_health_test: true
# Apply mdatp_managed.json template
mdatp_managed_json_template: "false"
# mdatp_managed.json template location
mdatp_managed_json_location: "mdatp_managed.json.j2"
# Microsoft repository channel insiders-fast|insiders-slow|prod
mdatp_microsoft_repo_channel: "prod"
# Prevent the microsoft repository from being installed
mdatp_microsoft_repo_install_disable: false
# MDATP Onboarding Package file location
mdatp_onboarding_package_location: "WindowsDefenderATPOnboardingPackage.zip"
# MDATP Proxy URL
mdatp_proxy_url: ""
# MDATP state present|absent
mdatp_state: "present"
# MDATP YUM package version lock mdatp-101.24032.0007-1
mdatp_yum_package_version:
```

## MDATP Health Test

This role can run a health test on the MDATP client (`mdatp_health_test`) as well as a connectivity test to Microsoft (`mdatp_connectivity_test`).

### Microsoft Repository

This role will install the Microsoft repository. To disable this because you use your own repository, set `mdatp_microsoft_repo_install_disable` to `true`.

### Version Lock

Version lock is available as `mdatp_apt_package_version_hold` for apt and `mdatp_yum_package_version` for dnf/yum.
`mdatp_apt_package_version_hold` uses `apt-mark hold`, which prevents the package from being upgraded to a newer version.
`mdatp_yum_package_version` will lock the package to the specified version.

### Managed JSON Configuration

If you are using an `mdatp_managed.json` file, you can use the `mdatp_managed_json_template` variable to apply the template. The default is `false`. If you wish to use the template, set this to `true` and set `mdatp_managed_json_location` to the location of the template. An example template is available within templates.

### Proxy Configuration

`mdatp_proxy_url` can be used to set a proxy for MDATP. This proxy is added to the mdatp systemd service file.

## Dependencies

```yaml
community.general
```

## Example Playbook

```yaml
---
- name: mdatp
  hosts: all
  roles:
    - dgibbs64.mdatp
```
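A fuller playbook combining the variables documented under Role Variables, as an added example that is not part of the role's own README. The inventory group `linux_servers`, the proxy URL, and the use of `become` are assumptions made for illustration.

```yaml
---
- name: Deploy Microsoft Defender for Endpoint with a pinned version and managed config
  hosts: linux_servers        # constructed inventory group
  become: true                # assumption: package installation needs privilege escalation
  roles:
    - role: dgibbs64.mdatp
      vars:
        mdatp_state: "present"
        # Stay on the production channel rather than insiders-fast/insiders-slow
        mdatp_microsoft_repo_channel: "prod"
        # Onboarding package downloaded from the Microsoft Defender Security Center
        mdatp_onboarding_package_location: "WindowsDefenderATPOnboardingPackage.zip"

        # Version lock: each variable applies to its own package manager
        mdatp_apt_package_version_hold: true                    # apt hosts
        mdatp_yum_package_version: "mdatp-101.24032.0007-1"     # dnf/yum hosts

        # Push a centrally managed mdatp_managed.json from the template
        mdatp_managed_json_template: true
        mdatp_managed_json_location: "mdatp_managed.json.j2"

        # Route agent traffic through an egress proxy (constructed URL)
        mdatp_proxy_url: "http://proxy.example.internal:3128"

        # Verify the deployment: connectivity to Microsoft and client health
        mdatp_connectivity_test: true
        mdatp_health_test: true
```

Enabling both tests makes the play surface an agent that installed but cannot reach Microsoft, for example because of a wrong proxy setting.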

## License

MIT

## Author Information

- [Daniel Gibbs](https://danielgibbs.co.uk)