DISA STIG for Red Hat Enterprise Linux 8

Ansible Role for DISA STIG for Red Hat Enterprise Linux 8

Profile Description

This profile includes configuration checks that follow the DISA STIG for Red Hat Enterprise Linux 8 V1R13. It applies not only to Red Hat Enterprise Linux 8 but also to other systems that are based on it, such as:

• Red Hat Enterprise Linux Server
• Red Hat Enterprise Linux Workstation and Desktop
• Red Hat Enterprise Linux for HPC
• Red Hat Storage
• Red Hat Containers using a Red Hat Enterprise Linux 8 image

The tasks in this role are created using OpenSCAP. For more details about generating Ansible playbooks, visit OpenSCAP project.

If you want to report a bug or suggest an improvement for a task that is not working or is missing, visit the ComplianceAsCode project at ComplianceAsCode.

Requirements

• Ansible version 2.9 or higher

Role Variables

To customize this role, please refer to the list of variables.

Dependencies

N/A

Example Role Usage

To download and install the role, run:

ansible-galaxy install RedHatOfficial.rhel8_stig

Then, you can use the following example in your playbook:

- hosts: all
  roles:
     - { role: RedHatOfficial.rhel8_stig }

Next, you can check your playbook on your local machine with this command:

ansible-playbook -i "localhost," -c local --check playbook.yml

To apply the changes (this may alter your local machine’s settings!):

ansible-playbook -i "localhost," -c local playbook.yml

License

BSD-3-Clause

Author Information

This Ansible role is based on security policies created by the ComplianceAsCode project. For a list of authors and contributors, visit here.