Installation and deployment instructions for DISA_STIG_CentOS6 playbook
Install and update ansible;
yum -y install epel-release
yum -y update
yum -y install ansible
Verify the installation and version
ansible --version
Generate key on your Ansible machine. *Accept defaults and leave passphrase empty for now.
ssh-keygen -t rsa
Next we need to send out the key to every webhost and database on the network.
ssh-copy-id root@[10.10.2.112]
Install git on your Ansible machine
yum -y install git
Download git repository into local directory
git clone https://github.com/CelestialCruz/DISA-STIG_CentOS6.git
Head into the "DISA-STIG_CentOS6" directory
Edit the "aws_environment" file and fill in the AWS Access and Secret key that corresponds to your account.
Edit the "webservers.yml" file and match each parameter to a value that corresponds to your AWS environment. This file is referenced in the Commission role.
Edit the "main.yml" file located in /roles/OpenSCAP/tasks/ and adjust the email information to match who you want to recieve the report. *Do is optional and the script will not fail, nor will it inhibit generating the report in anyway if you ignore that task.
Finally, run the playbook
ansible-playbook -vv -i localhost, -e "type=webservers" project.yml -v