[DRAFT] DISA STIG for Red Hat Enterprise Linux 8

Ansible Role for [DRAFT] DISA STIG for Red Hat Enterprise Linux 8

Profile Description:
This profile includes configuration checks that follow the
[DRAFT] DISA STIG for Red Hat Enterprise Linux 8.
It's not only for Red Hat Enterprise Linux 8, but DISA also says this
configuration can be used for other Red Hat technologies, like:

• Red Hat Enterprise Linux Server
• Red Hat Enterprise Linux Workstation and Desktop
• Red Hat Enterprise Linux for HPC
• Red Hat Storage
• Red Hat Containers with a Red Hat Enterprise Linux 8 image

The tasks in this role are created using OpenSCAP.
You can find more information about generating Ansible playbooks at OpenSCAP project.

If you want to report a problem or suggest improvements for an Ansible task that isn’t working or is missing, visit ComplianceAsCode project.

Requirements

• Ansible version 2.5 or newer

Role Variables

To make changes to the role, check the list of variables.

Dependencies

N/A

Example Role Usage

Run ansible-galaxy install RedHatOfficial.rhel8_stig to download and install the role.
Then, you can run this playbook example:

- hosts: all
  roles:
     - { role: RedHatOfficial.rhel8_stig }

To check the playbook on your local machine, use this command:

ansible-playbook -i "localhost," -c local --check playbook.yml

To deploy it (this may change your local machine settings!), run:

ansible-playbook -i "localhost," -c local playbook.yml

License

BSD-3-Clause

Author Information

This Ansible role was created based on security policies from the ComplianceAsCode project.
For the latest list of authors and contributors, visit here.