https://github.com/major/ansible-role-cis

DEPRECATED: Use https://github.com/major/cis-rhel-ansible
https://github.com/major/ansible-role-cis

Last synced: 8 months ago
JSON representation

DEPRECATED: Use https://github.com/major/cis-rhel-ansible

• Host: GitHub
• URL: https://github.com/major/ansible-role-cis
• Owner: major
• Created: 2014-08-28T03:07:44.000Z (almost 12 years ago)
• Default Branch: master
• Last Pushed: 2023-12-15T05:50:27.000Z (over 2 years ago)
• Last Synced: 2025-06-21T10:06:37.824Z (12 months ago)
• Homepage: https://github.com/major/cis-rhel-ansible
• Size: 50.8 KB
• Stars: 41
• Watchers: 11
• Forks: 25
• Open Issues: 1
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# DEPRECATED - DON'T USE

**You'll want to refer to this repository going forward:**

  * https://github.com/major/cis-rhel-ansible

CIS

=========

This role can be used to audit or remediate a host against the Center for Internet Security (CIS) security benchmarks.

*Disclaimer: This project has no affiliation with CIS.  The role and its contents have not been reviewed or endorsed by CIS.*

Requirements

------------

This role has no requirements or dependencies.

Role Variables

--------------

A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.

Dependencies

------------

Some sensible defaults are configured and documented within defaults/main.yml.  These defaults are set so they would cause minimal disruption to a production system.  However, it's *your* responsibility to verify that the default configuration will not harm your production server.  *Always* run the role in check mode if you're unsure of its effects.

Be aware that some of the default variables are set against CIS recommendations in the hopes that they will cause minimal disruption to a system.

Example Playbook

----------------

Playbooks can utilize the CIS role without much effort:

    - hosts: all

      roles:

        - cis 

The role is thoroughly tagged so that you can run certain sections or certain levels of checks:

    # Test only items from section 4

    ansible-playbook -i hosts -C playbook.yml -t section4

    # Apply changes only from items in section 4, 5, and 6

    ansible-playbook -i hosts playbook.yml -t section4,section5,section6

License

-------

Apache License, Version 2.0

Author Information

------------------

Major Hayden