Define a complete security baseline and monitor the baseline's rules. The definition of the baseline should be done in Hiera. The purpose of the module is to give the ability to setup a complete security baseline which not necessarily have to stick to industry security guides like the CIS benchmarks.
Unable to disable logrotate_configuration by setting the following in hiera:
cis_security_hardening::rules::logrotate_configuration::enforce: falseThis manifest doesn't check if $enforce is true or false https://github.com/tom-krieger/cis_security_hardening/blob/main/manifests/rules/logrotate_configuration.pp
Tested on Ubuntu 22.04 with puppet-server 7.17.3-1jammy & puppet-agent 7.33.0-1jammy