rhel9_anssi_bp28_enhanced

Overview Versions Insights

ANSSI-BP-028 (enhanced)

Ansible Role for ANSSI-BP-028 (enhanced)

Profile Description:
This profile contains configurations that align to ANSSI-BP-028 v2.0 at the enhanced hardening level.
ANSSI is the French National Information Security Agency, and stands for Agence nationale de la sécurité des systèmes d'information.
ANSSI-BP-028 is a configuration recommendation for GNU/Linux systems.
A copy of the ANSSI-BP-028 can be found at the ANSSI website:
https://www.ssi.gouv.fr/administration/guide/recommandations-de-securite-relatives-a-un-systeme-gnulinux/
An English version of the ANSSI-BP-028 can also be found at the ANSSI website:
https://cyber.gouv.fr/publications/configuration-recommendations-gnulinux-system

The tasks that are used in this role are generated using OpenSCAP. See the OpenSCAP project for more details on Ansible playbook generation at https://github.com/OpenSCAP/openscap

To submit a fix or enhancement for an Ansible task that is failing or missing in this role, see the ComplianceAsCode project at https://github.com/ComplianceAsCode/content

Requirements

  • Ansible version 2.9 or higher

Role Variables

To customize the role to your liking, check out the list of variables.

Dependencies

N/A

Example Role Usage

Run ansible-galaxy install RedHatOfficial.rhel9_anssi_bp28_enhanced to download and install the role. Then, you can use the following playbook snippet to run the Ansible role:

- hosts: all
  roles:
     - { role: RedHatOfficial.rhel9_anssi_bp28_enhanced }

Next, check the playbook using (on the localhost) the following example:

ansible-playbook -i "localhost," -c local --check playbook.yml

To deploy it, use (this may change configuration of your local machine!):

ansible-playbook -i "localhost," -c local playbook.yml

License

BSD-3-Clause

Author Information

This Ansible remediation role has been generated from the body of security policies developed by the ComplianceAsCode project. Please see https://github.com/complianceascode/content/blob/master/Contributors.md for an updated list of authors and contributors.

About

ANSSI-BP-028 (enhanced)

role anssi anssibp28enhanced compliance complianceascode hardening openscap redhat redhatofficial rhel9 scap security ssg system
Install
ansible-galaxy install RedHatOfficial/ansible-role-rhel9-anssi_bp28_enhanced
GitHub repository
1 stars
2 forks
1 open issues
License
other
Downloads
135
Owner
Red Hat
The GitHub organization for Red Hat. This organization contains unsupported open source projects and code that have been started by Red Hat associates.