Infrastructure security

Even though we use the containers for deployment we have to make sure the underlying infrastructure is also secure.To harden the underlying Infrastructure I am going to use Ansible. Ansible is configuration management tool that help to configure the servers via code. I am going to use Ansible-role to perform the set of task to harden the underlying Infrastructure

Github Actions

name: Infra-scan on: push: jobs: checkout-repo: runs-on: ubuntu-latest steps: - name: Checkout 🛎️ uses: actions/checkout@v2 - name : Installing ansible run : | sudo apt update sudo apt install ansible ansible-galaxy --version - name: Setting up the ansible run : | cd ansible echo "$SSH_KEY" > pentest_key chmod 600 pentest_key echo "$IP" >> inventory ansible-galaxy collection install devsec.hardening ansible-playbook playbook.yaml env: SSH_KEY: ${{secrets.KEY}} IP: ${{secrets.IP}}

Reference

  1. https://docs.ansible.com/ansible/latest/user_guide/playbooks_reuse_roles.html

  2. https://dev-sec.io/