Ansible Role for CIS Red Hat Enterprise Linux 8 Benchmark

Profile Description:
This profile defines a baseline that aligns to the Center for Internet Security®
Red Hat Enterprise Linux 8 Benchmark™, v1.0.0, released 09-30-2019.
This profile includes Center for Internet Security®
Red Hat Enterprise Linux 8 CIS Benchmarks™ content.

The tasks that are used in this role are generated using OpenSCAP. See the OpenSCAP project for more details on Ansible playbook generation at https://github.com/OpenSCAP/openscap

To submit a fix or enhancement for an Ansible task that is failing or missing in this role, see the ComplianceAsCode project at https://github.com/ComplianceAsCode/content

• Ansible version 2.5 or higher

To customize the role to your liking, check out the list of variables.

N/A

Run ansible-galaxy install RedHatOfficial.rhel8_cis to download and install the role. Then, you can use the following playbook snippet to run the Ansible role:

- hosts: all
  roles:
     - { role: RedHatOfficial.rhel8_cis }

Next, check the playbook using (on the localhost) the following example:

ansible-playbook -i "localhost," -c local --check playbook.yml

To deploy it, use (this may change configuration of your local machine!):

ansible-playbook -i "localhost," -c local playbook.yml

BSD-3-Clause

This Ansible remediation role has been generated from the body of security policies developed by the ComplianceAsCode project. Please see https://github.com/complianceascode/content/blob/master/Contributors.md for an updated list of authors and contributors.