C2S for Red Hat Enterprise Linux 7

Ansible Role for C2S on Red Hat Enterprise Linux 7

Profile Description:
This profile shows how to meet the requirements of the
U.S. Government Commercial Cloud Services (C2S) standards.

It is based on the Center for Internet Security
(CIS) Red Hat Enterprise Linux 7 Benchmark, v2.1.1 - 01-31-2017.

To stay compliant with
CIS' rules, especially Restrictions(8), be aware that
the C2S profile may not guarantee your system meets the CIS
standards.

Tasks in this role are created using OpenSCAP.
For more information on how the Ansible playbook is generated, visit OpenSCAP.

If you want to report a bug or suggest an improvement for a failing or missing Ansible task, check the ComplianceAsCode project at ComplianceAsCode.

Requirements

• Ansible version 2.5 or higher

Role Variables

To customize the role, refer to the list of variables.

Dependencies

None

Example Playbook

To download and install the role, run ansible-galaxy install RedHatOfficial.rhel7_c2s. Then, you can use this playbook snippet to apply the Ansible role:

- hosts: all
  roles:
     - { role: RedHatOfficial.rhel7_c2s }

Next, verify the playbook (on your local machine) with this command:

ansible-playbook -i "localhost," -c local --check playbook.yml

To run it (note: this may change your local machine settings!):

ansible-playbook -i "localhost," -c local playbook.yml

License

BSD-3-Clause

Author Information

This Ansible role has been created based on the security policies from the ComplianceAsCode project. For a current list of authors and contributors, see Contributors.