📋
A Journey From IT to IT Security
  • IT Training Resources
  • IT Security Roles
    • Web Application Security Specialist
      • Training Guide
      • Self-hosted Training Lab
        • Vulnerable Web Apps
      • Web Security testing Methodology
        • 1 Footprinting
        • 2 Scanning
        • 3 Enumeration
        • 4 Gaining Access
        • 5 Maintain Access
        • 6 Covering Tracks
        • 7 Vulnerability assessment
    • DevSecOps Engineer
      • Training Guide
      • Building a DevSecOps CD/CI Pipeline
        • Self-hosted DevOps CD/CI platforms
        • Software Component Analysis (SCA)
        • Static Application Security Testing (SAST)
        • Dynamic Application Security Testing (DAST)
        • System Hardening
        • System Compliance Analysis
        • Vulnerability Analysis
      • Ready-to-use and train DevSecOps CD/CI Pipeline
    • Chief Information Security Officer (CISO)
    • Digital Forensics Investigator
      • Forensics Methodology
    • Cloud Security Engineer
      • Getting started with kubernetes
  • Resources
    • IT Basics
      • Networking Basics Study Guide
      • RBAC / ABAC
      • Anonymous Surfing
      • Python Programming
      • Infrastructure as code
      • Containers
        • Docker
        • Docker security
      • The Security Development Lifecycle (SDL)
    • Literature
    • Useful Tool Tutorials
    • Useful Online Tools
    • Exploits
  • Unsorted
    • Gitlab-ci with docker-compose
Powered by GitBook
On this page
  • Ansible
  • Ansible challenges
  • More
  1. Resources
  2. IT Basics

Infrastructure as code

Ansible

Manages different systems that define a infrastructure. These systems can be a jenkins, git server, a container, a webserver. Ansible uses ssh to communicate with these systems.

For security testing ansible can help hardening a platform, test security patches, patch systems without downtime.

System Hardening

System Hardening is the process of securing a system’s configuration and settings to reduce IT vulnerability and the possibility of being compromised. This can be done by reducing the attack surface and attack vectors which attackers continuously try to exploit for purpose of malicious activity.

Hardening and Securing servers is often time-consuming, error-prone, non-portable and not scalable.

Modules

Allow to control system components. Modules are executable libraries (or scripts)

Tasks

Smallest entity in ansible. Install a package could be a task.

Roles

A role is a set of tasks to configure a host to serve a certain purpose like configuring a service. A role is an independent component which allows reuse of common configuration steps. It has to be used within a playbook.

Roles are stored by an active community in ansible galaxy. Like docker hub where you can find community developed containers, you'll find preconfigured roles in galaxy.

Playbook

Contains instructions to configure a system/a node

Inventory

All systems that are managed by ansible are regrouped into the inventory.

Ansible challenges

ssh key management, monitoring

More

PreviousPython ProgrammingNextContainers

Last updated 3 years ago

https://serversforhackers.com/s/ansible
https://www.youtube.com/watch?v=w8fOEEMqpOw
https://docs.ansible.com/ansible/latest/user_guide/intro_getting_started.html
https://www.tutorialspoint.com/ansible/index.htm