Red Hat Corporate Profile for Certified Cloud Providers (RH CCP)

Ansible Role for Red Hat Corporate Profile for Certified Cloud Providers (RH CCP)

Profile Description:
This profile includes the basic security settings recommended by Red Hat, Inc for Red Hat Enterprise Linux 8 instances that are set up by Red Hat Certified Cloud Providers.

The tasks in this role are created using OpenSCAP. For more details on how Ansible playbooks are generated, check the OpenSCAP project at https://github.com/OpenSCAP/openscap.

If you want to suggest a fix or add a new task for an Ansible task that isn’t working or is missing, look at the ComplianceAsCode project at https://github.com/ComplianceAsCode/content.

Requirements

• Ansible version 2.9 or newer

Role Variables

To customize this role, see the list of variables.

Dependencies

N/A

Example Role Usage

To download and install the role, run:
ansible-galaxy install RedHatOfficial.rhel8_rht_ccp.

Then, you can use the following snippet in your playbook to run the role:

- hosts: all
  roles:
     - { role: RedHatOfficial.rhel8_rht_ccp }

Next, to check the playbook on your local machine, use this command:

ansible-playbook -i "localhost," -c local --check playbook.yml

To apply the changes (note that this may alter your local machine's configuration!):

ansible-playbook -i "localhost," -c local playbook.yml

License

BSD-3-Clause

Author Information

This Ansible remediation role has been created based on security policies developed by the ComplianceAsCode project. For the latest list of authors and contributors, please visit here.