Table of Contents
This is the CIS module for RHEL and Ubuntu based systems for server hardenining.
This is a fully parametarized module for hardening servers to the CIS benchmark. The parameters let you easily specify to which degree you want to harden and easily allow for exceptions. This module includes everything scored in the latest CIS benchmarks which can be found in my CIS github repo.
You may need to setup a mail relay, or if your in AWS and using SES, replace the cis::mail stuff with your SES credentials and include the SES module from the forge. Other than that just see the params for all your settings.
include ::cis
puppetlabs/stdlib >=4.6.0
puppetlabs/firewall >=1.1.3
kemra102/auditd >=1.0.2
fiddyspence/sysctl >=1.1.0
mjhas/postfix >=1.0.0
jfryman/selinux >=0.2.3
- RHEL 6,7
- CentOS 6,7
- Fedora 20,20,21
- Ubuntu 12.04,14.04
- Debian 6,7
This module has been tested on:
- RHEL 6,7
- Ubuntu 14.04
Any updates or contibutions are welcome.
Report any issues with current release, as any input will be considered valuable.
- add option for postfix or ses in params
Email: [email protected]
WWW: www.aspendenver.org