RedHatOfficial.rhel8_cui

Panoramica Versioni Approfondimenti

Unclassified Information in Non-Federal Information Systems and Organizations (NIST 800-171)

Ansible Role for Unclassified Information in Non-Federal Information Systems and Organizations (NIST 800-171)

Profile Description:
According to NIST 800-171, Section 2.2:
There are specific security guidelines for protecting Controlled Unclassified Information (CUI) in non-federal systems. This includes:
(i) a basic security requirements section;
(ii) a derived security requirements section.
The basic security requirements come from FIPS Publication 200, which outlines fundamental security needs for federal information systems. The derived security requirements are based on controls from NIST Special Publication 800-53.
This profile is used to configure Red Hat Enterprise Linux 8 according to the NIST Special Publication 800-53 controls that help secure CUI.

The tasks for this role are created using OpenSCAP.
For more details on how to generate Ansible playbooks, visit the OpenSCAP project at https://github.com/OpenSCAP/openscap.

If you want to report a problem or suggest an improvement for a failing or missing Ansible task in this role, check out the ComplianceAsCode project at https://github.com/ComplianceAsCode/content.

Requirements

  • Ansible version 2.9 or higher

Role Variables

To adjust the role to your needs, view the list of variables.

Dependencies

None

Example Role Usage

Run ansible-galaxy install RedHatOfficial.rhel8_cui to download and set up the role. You can then use this playbook snippet to run the Ansible role:

- hosts: all
  roles:
     - { role: RedHatOfficial.rhel8_cui }

Next, you can check the playbook using the following on your localhost:

ansible-playbook -i "localhost," -c local --check playbook.yml

To deploy the changes (note that this may alter your local machine's configuration!):

ansible-playbook -i "localhost," -c local playbook.yml

License

BSD-3-Clause

Author Information

This Ansible remediation role has been created based on security policies developed by the ComplianceAsCode project. For the current list of authors and contributors, see https://github.com/complianceascode/content/blob/master/Contributors.md.

Informazioni sul progetto

Unclassified Information in Non-federal Information Systems and Organizations (NIST 800-171)

role compliance complianceascode cui hardening openscap redhat redhatofficial rhel8 scap security ssg system
Installa
ansible-galaxy install RedHatOfficial.rhel8_cui
GitHub repository
15 stelle
9 fork
0 problemi aperti
Licenza
other
Download
7.6k
Proprietario
Red Hat
The GitHub organization for Red Hat. This organization contains unsupported open source projects and code that have been started by Red Hat associates.