ansible-lockdown/AMAZON2023-CIS

Ansible role for Amazon2023 CIS Baseline

YAMLMIT

Issues

1.2.4 incorrectly running for Server Level 1 profile
#88 opened 24 days ago by edjackson-wf
2
Issue on CIS 1.2.1
#14 opened 8 months ago by ssarkar9
8
Unable to connect after run & Amazon heath checks fail
#80 opened 5 months ago by four43
4
The variable "amzn2023cis_authselect['options']" is not used anywhere
#82 opened 2 months ago by darrais
3
How to set root password using the correct encryption version
#86 opened 2 months ago by Ranjith219
4
4.6.5 | PATCH | Ensure default user umask is 027 or more restrictive .. is missing check intentional?
#81 opened 2 months ago by m-j-gardner
2
yum repo keys break during execution
#79 opened 2 months ago by four43
2
TASK [AMAZON2023-CIS : 1.2.1 | AUDIT | Ensure GPG keys are configured | expected keys fail]
#75 opened 2 months ago by siuolkl
9
jmespath package install required on target to run CIS section 6 controls
#13 opened 2 months ago by tburow
1
Task 5.2.4.3 errors when audit log file's mode is already 0600
#90 opened 2 months ago by slallum
1
policycoreutils
#12 opened a year ago by tburow
1
Has anyone came across with syslog installation issue?
#16 opened a year ago by ashfaqsharif
1
consistent tag for ansible-galaxy
#72 opened 4 months ago by jouve
1
Rule 4.6.5 needs some fixes in order to be CIS compliant
#26 opened 7 months ago by DianaMariaDDM
2
Some rules from 4.6.1.x are only implemented using /etc/login.defs and not using the chage tool as well
#62 opened 7 months ago by DianaMariaDDM
0
Small bug in task 5.2.4.5 "Ensure audit configuration files are 640 or more restrictive"
#59 opened 7 months ago by DianaMariaDDM
0
The 'amzn2023cis_use_authconfig' variable needs to be removed
#56 opened 8 months ago by DianaMariaDDM
0
"cis_5.3.yml" file is imported twice
#54 opened 8 months ago by DianaMariaDDM
0
Duplicated 6.1.12 task
#52 opened 8 months ago by DianaMariaDDM
0
A prelim task is not used anywhere
#50 opened 8 months ago by DianaMariaDDM
1
Some rules are missing the "PATCH" keyword, or the "|" character from the title
#48 opened 8 months ago by DianaMariaDDM
0
Inconsistencies between rule titles, when conditionals and tags
#46 opened 8 months ago by DianaMariaDDM
0
Multiple task rule "1.1.2.2, 1.1.2.3, 1.1.2.4" contains a wrong rule number
#44 opened 8 months ago by DianaMariaDDM
0
"PRELIM | 4.3.3 | Find all sudoers files." contains wrong rule number
#42 opened 8 months ago by DianaMariaDDM
0
"PRELIM | capture /etc/password variables" contains wrong tags
#40 opened 8 months ago by DianaMariaDDM
0
Wrong rule number in fail_msg from task "Ensure root password is set" in "tasks/main.yml"
#38 opened 8 months ago by DianaMariaDDM
0
Rule 6.1.10 fails because the command does not retrieve the necessary files
#36 opened 8 months ago by DianaMariaDDM
0
Improve documentation of variables in defaults/main.yml
#33 opened 8 months ago by DianaMariaDDM
0
Rule 4.2.12 fails, because it does not edit all the needed sshd config files
#30 opened 8 months ago by DianaMariaDDM
0
Rules from section 1.6.1.x are not getting executed
#28 opened 8 months ago by DianaMariaDDM
0
Rule 4.2.20 needs a change of value in order to be compliant
#24 opened 8 months ago by DianaMariaDDM
0
Rule 2.2.17 needs to mask the service as well as the socket
#22 opened 8 months ago by DianaMariaDDM
0
Task 2.1.2 was not implemented properly
#20 opened 8 months ago by DianaMariaDDM
1
CIS 5.2.1.2 | PATCH | Ensure auditing for processes that start prior to auditd is enable does not account for extra characters on line
#17 opened 9 months ago by ssarkar9
3
AMAZON linux 2023 unable to connect to ssm
#19 opened 10 months ago by globalpayments-shoebsyed
3
Test with Amazon Linux 2023 ansible-core + python versions
#15 opened a year ago by stewartsmith
1
Instance dont start after appling role due broken /etc/fstab
#2 opened a year ago by babinskiy
5