Skip to content

nayoa/hardened-ami

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
ansible
ansible
 
 
scripts
scripts
 
 
.gitlab-ci.yml
.gitlab-ci.yml
 
 
README.md
README.md
 
 
packer.json
packer.json
 
 

Repository files navigation

AWS Hardened AMI

This repository builds an AMI that uses the DevSec Hardening Framework SSH and OS hardening ansible roles. The roles provide numerous security-related configurations that follow security best practices.

Why

We want to ensure all instances and AMI's we provision have a secure configuration and the likelihood of attacks is minimal. The DevSec community keeps the playbooks up to do date with the DevSec Linux Security Baseline which gives us the extra security we need.

Source code structure

├── ansible
│   ├── playbook.yaml                       <-- Ansible playbook file
│   ├── requirements.yaml                   <-- Ansible Galaxy requirements containing additional Roles to be used (DevSec)
├── scripts
│   └── install_ansible.sh                  <-- Updates packages and installs ansible on the OS
├── .gitlab-ci.yml                          <-- Gitlab CI pipeline
├── packer.json                             <-- Packer template to build AMI

Built with

About

Hardened AMI that is compliant with the DevSec Linux Baseline https://dev-sec.io/baselines/linux/ Built using Packer, Ansible and Shell commands https://github.com/dev-sec/ansible-os-hardening https://github.com/dev-sec/ansible-ssh-hardening

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages