aws-inspector
Ansible Role: AWS Inspector
Installs AWS Inspector (awsagent) on RedHat/CentOS or Debian/Ubuntu.
Requirements
None.
Role Variables
Available variables are listed below, along with default values (see defaults/main.yml):
aws_inspector_url: "https://d1wk0tztpsntt1.cloudfront.net/linux/latest/install"
aws_inspector_installer_dest: /tmp/aws_inspector_agent_installer
The URL from which the Inspector installer will be downloaded, and the temporary directory where the installer will be stored.
awsagent_state: started
awsagent_enabled: true
Control the awsagent service; by default, for Amazon Inspector to work correctly, you must have awsagent running on any server you want inspected.
There is also a handler, restart awsagent, which can be used to restart the agent.
aws_inspector_role_test_mode: false
Set this to true if testing or using this role outside of an EC2 instance (e.g. if testing in CI or building a server in a different cloud environment).
There is also support for proxy configuration:
aws_inspector_proxy_enabled: false
aws_inspector_https_proxy: 127.0.0.1:8080
aws_inspector_http_proxy: 127.0.0.1:8080
aws_inspector_no_proxy: 169.254.169.254
Set aws_inspector_proxy_enabled to true and configure the rest of the *_proxy variables to create an /etc/init.d/awsagent.env file that will enable proxy support.
Dependencies
None.
Example Playbook
- hosts: ec2-instances
  roles:
    - geerlingguy.aws-inspector
License
MIT / BSD
Author Information
This role was created in 2017 by Jeff Geerling, author of Ansible for DevOps.
ansible-galaxy install geerlingguy/ansible-role-aws-inspector