Skip to content

Ansible role to configure scap client on a Red Hat Satellite registered system without using puppet

License

Notifications You must be signed in to change notification settings

morenod/ansible-role-scap-client

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Openscap client configuration Role

About

Role created to configure a client to execute openscap policies based on the information obtained from a Red Hat Satellite/Foreman Host.

Steps and configuration changes obtained from the foreman_scap_client puppet module

The role has to be executed with root permission, using the root user or via sudo because it will modify system parameters.

Ansible Requirements

RPM Repositories have to be enabled and containing required packages.

Configuration parameters

Required vars to be overwritten

  • satellite_server: Used to obtain policy parameters
  • satellite_username: Used to obtain policy parameters
  • satellite_password: Used to obtain policy parameters
  • capsule_server: Used to configure openscap client config.yaml file
  • capsule_port: Used to configure openscap client config.yaml file
  • policy_name: Name of the SCAP Policy to be configured

Example playbook

---
- name: openscap client
  hosts: <<host list>>
  remote_user: <<user>>
  gather_facts: true
  become: yes
  become_user: root
  become_method: sudo
  vars:
    satellite_server: satellite.example.com
    satellite_username`: admin
    satellite_password`: verycomplexpassword
    capsule_server`: capsule.example.com
    policy_name`: 'rhel7-pci'
  roles:
        - ansible-ipaRegister

About

Ansible role to configure scap client on a Red Hat Satellite registered system without using puppet

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published