ansible-lockdown / RHEL9-CIS

Ansible role for Red Hat 9 CIS Baseline
https://ansible-lockdown.readthedocs.io
MIT License

oscap scan found 2 issues in sshd configuration override files #174

Closed bbaassssiiee closed 6 months ago

bbaassssiiee commented 6 months ago

Overall Review of Changes:

Issue Fixes:

Enhancements:

How has this been tested?:

---

- name: Security Audit
  hosts: all
  become: true
  gather_facts: true

  pre_tasks:

    - name: Install packages
      ansible.builtin.package:
        state: present
        name:
          - openscap-scanner
          - scap-security-guide

  post_tasks:

    - name: Run CIS oscap scan and create /tmp/report.html
      # Folded scalar: YAML joins these lines with single spaces. The command
      # module does not invoke a shell, so backslash line continuations would
      # reach oscap as literal "\" arguments instead of being stripped.
      ansible.builtin.command: >
        oscap xccdf eval --profile cis
        --report /tmp/report.html
        /usr/share/xml/scap/ssg/content/ssg-almalinux9-ds.xml
      changed_when: true
      no_log: false
      register: scan_return
      # oscap xccdf eval exits 0 when every selected rule passes, 2 when at
      # least one rule fails and 1 on a scanner error. Only an error should
      # fail the play; non-compliance is read from the report.
      failed_when: scan_return.rc not in [0, 2]

    - name: Set permissions
      ansible.builtin.file:
        path: /tmp/report.html
        owner: "{{ ansible_ssh_user }}"
        mode: '0600'
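The playbook above only produces an HTML report, which is awkward to act on from a pipeline. The script below is an added example, not part of this PR or the RHEL9-CIS role: it reads the machine-readable XCCDF results that oscap writes when the scan is also given `--results /tmp/results.xml` (an extra flag the playbook does not use), lists the rules that reported `fail`, optionally narrowed to a keyword such as `sshd`, and encodes the oscap exit-status convention so a wrapper can tell a scanner error apart from a non-compliant host. The XML document and the rule ids in it are constructed placeholders.

```python
"""List failed rules from an oscap XCCDF results file and classify the exit code.

Added example (not from the PR or the RHEL9-CIS role). Assumes the scan was run
with `--results /tmp/results.xml` in addition to `--report`; the sample below
is a constructed stand-in for that file, with placeholder rule ids.
"""
import sys
import xml.etree.ElementTree as ET
from collections import Counter

XCCDF = "http://checklists.nist.gov/xccdf/1.2"
NS = {"x": XCCDF}

# Constructed sample of an XCCDF TestResult: two failing sshd-related rules,
# one pass, one not-applicable and one not-selected rule.
SAMPLE_RESULTS = f"""<?xml version="1.0" encoding="UTF-8"?>
<Benchmark xmlns="{XCCDF}" id="xccdf_org.ssgproject.content_benchmark_EXAMPLE">
  <TestResult id="xccdf_org.open-scap_testresult_xccdf_org.ssgproject.content_profile_cis">
    <rule-result idref="xccdf_org.ssgproject.content_rule_EXAMPLE_sshd_one" severity="medium">
      <result>fail</result>
    </rule-result>
    <rule-result idref="xccdf_org.ssgproject.content_rule_EXAMPLE_sshd_two" severity="high">
      <result>fail</result>
    </rule-result>
    <rule-result idref="xccdf_org.ssgproject.content_rule_EXAMPLE_passing" severity="low">
      <result>pass</result>
    </rule-result>
    <rule-result idref="xccdf_org.ssgproject.content_rule_EXAMPLE_not_applicable" severity="low">
      <result>notapplicable</result>
    </rule-result>
    <rule-result idref="xccdf_org.ssgproject.content_rule_EXAMPLE_unselected" severity="low">
      <result>notselected</result>
    </rule-result>
  </TestResult>
</Benchmark>
"""


def parse_rule_results(xml_text):
    """Return (idref, severity, result) for every rule-result in the TestResult."""
    root = ET.fromstring(xml_text)
    rows = []
    for rr in root.iterfind(".//x:TestResult/x:rule-result", NS):
        res = rr.find("x:result", NS)
        verdict = res.text.strip() if res is not None and res.text else ""
        rows.append((rr.get("idref", ""), rr.get("severity", ""), verdict))
    return rows


def failed_rules(xml_text, keyword=None):
    """Rule ids whose result is 'fail', optionally only those containing keyword."""
    return [
        idref
        for idref, _severity, verdict in parse_rule_results(xml_text)
        if verdict == "fail" and (keyword is None or keyword in idref)
    ]


def result_counts(xml_text):
    """Histogram of result values (pass, fail, notapplicable, ...)."""
    return dict(Counter(verdict for _i, _s, verdict in parse_rule_results(xml_text)))


def scan_ran_ok(rc):
    """oscap xccdf eval: 0 = all selected rules pass, 2 = some rule failed, 1 = error.

    Both 0 and 2 mean the scanner itself completed; only 1 is an operational failure.
    """
    return rc in (0, 2)


if __name__ == "__main__":
    # Usage: python this.py /tmp/results.xml [keyword]; without a path, the sample runs.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_RESULTS
    kw = sys.argv[2] if len(sys.argv) > 2 else None
    print("result counts:", result_counts(text))
    for rule in failed_rules(text, kw):
        print("FAIL", rule)
```

Running it with no arguments parses the embedded sample and prints the two placeholder sshd rules; pointing it at a real `--results` file from the playbook's scan gives the rule ids to look up in the HTML report or the CIS benchmark.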