Ansible For Security by Examples
$8.99
Minimum price
$12.99
Suggested price

Ansible For Security by Examples

100+ Automation Examples to Automate Security and Verify Compliance for IT Modern Infrastructure

About the Book

Ansible is an Open Source IT automation tool. This book contains all of the prominent and not-so-obvious best practices of Ansible automation for Security and Compliance.

Every successful IT department needs automation nowadays for bare metal servers, virtual machines, could, containers, and edge computing. Automate your IT journey with Ansible automation technology. 

You will start with installing Ansible in Enterprise Linux, Community Linux, Windows, and macOS using the most command package manager and archives.

Each of the 100+ lessons summarizes a module: from the most crucial parameter to some Ansible code and real-life usage. Each code is battle-proved in real life. Simplifying mundane activities like creating a text file, extracting and archiving, and fetching a repository using HTTPS or SSH connections could be automated with some lines of code. These are only some of the long lists included in the course.

Some Ansible codes are usable in all Linux systems, some specific for RedHat-like, Debian-like, and Windows systems.

The 20+ Ansible troubleshooting lesson teaches you how to read the error message, how to reproduce it, and the process of troubleshooting and resolution.

Are you ready to automate your day with Ansible?

Examples in the book are tested with the latest version of Ansible 2.9+ and Ansible Core 2.11+.

  • Share this book

  • Categories

    • Ansible
    • Infrastructure as Code
    • System Integration
  • Feedback

    Email the Author(s)

About the Author

Luca Berton
Luca Berton

Luca Berton is an Ansible Automation Expert who has been working with JPMorgan Chase & Co. and previously worked with the Red Hat Hat Ansible Engineer Team for three years. Published author of the Ansible for VMware by Examples and Ansible for Kubernetes by Examples best-seller of the Ansible By Example(s) practical book series and creator of the Ansible Pilot project. With more than 15 years of experience as a System Administrator, he has strong expertise in Infrastructure Hardening and Automation. Enthusiast of the Open Source supports the community, sharing his knowledge in different events of public access. Geek by nature, Linux by choice, Fedora, of course.

Table of Contents

  • Introduction
    • Modern IT Infrastructure
    • Whois Luca Berton
  • Ansible For Beginners With Examples
    • What is Ansible
    • Getting Started
    • Inventory
    • Playbook
    • Variables
    • Facts and Magic Variables
    • Vault
    • Conditional
    • Loop
    • Handler
    • Role
    • Ansible Best Practices
  • Install Ansible
    • Ansible terminology - ansible vs ansible-core packages
    • Installing Ansible in Red Hat Enterprise Linux (RHEL) 8 with Ansible Engine
    • Installing Ansible in Ubuntu LTS: Universe and PPA Repositories Guide
    • Install Ansible in Fedora
    • Installing Ansible on CentOS 9 Stream
    • Install Ansible in Windows WSL Windows Subsystem for Linux
    • Installing Ansible on macOS Using Homebrew
    • Installing Ansible on SUSE Linux Enterprise Server (SLES)
    • Installing Ansible with PIP
    • Installing Ansible Core on Red Hat Enterprise Linux (RHEL) 9
    • Installing Ansible in Amazon Linux
  • Ansible For Linux
    • Test host availability - Ansible module ping
    • How to print a text or a variable during the execution with Ansible
    • Edit single-line text - Ansible module lineinfile
    • Edit multi-line text - Ansible module blockinfile
    • Read a file into a variable on host - Ansible lookup plugin file
    • Reboot remote hosts - Ansible module reboot
    • Checkout git repository via HTTPS - Ansible module git
    • Checkout git repository via SSH - Ansible module git
    • Copy files to remote hosts - Local to Remote - Ansible module copy
    • Copy files from remote hosts - Remote to Local - Ansible module fetch
    • Start and enable services on boot on Linux remote hosts - Ansible module service_facts, service
    • Restart services on remote hosts - Ansible module service
    • Stop and disable services on boot on remote hosts - Ansible module service_facts, service
    • Apply a file template - Ansible module template - HTML placeholder
    • Loop in file template - Ansible module template - Generate hosts file
    • Schedule a Cron Job task in Linux - Ansible module cron
    • Read a file from remote hosts - Ansible module slurp
    • Read an environment variable - Ansible lookup plugin env”
    • Permanently Set Remote System Wide Environment Variables on Linux - /etc/environment - Ansible module lineinfile
    • Write a Variable to a File - Ansible module copy vs template
  • Ansible Tip & Tricks
    • Pause execution - Ansible module pause
    • How to Pass Variables to Ansible Playbook in command line? - Ansible extra variables
    • Break a string over multiple lines - Ansible Literal and Folded Block Scalar operators
    • Ansible terminology - ansible_hostname vs inventory_hostname vs ansible_fqdn
    • Set remote environment per task or play - Ansible environment statement
    • Execute command on the Ansible host - Ansible localhost
    • Three options to Safely Limit Ansible Playbooks Execution to a Single Machine
    • Filter A List By Its Attributes - Ansible selectattr filter
    • Using Date, Time and Timestamp in Ansible Playbook - Ansible Tip and Tricks
    • Using Date, Time and Timestamp without Facts in Ansible Playbook - Ansible date and lookup plugin
    • Ansible Magic Variables - Ansible Tip and Tricks
    • Ansible Playbook Dry Run - check and diff mode
    • Ansible modules - command vs shell
    • Write a Variable to a File - Ansible module copy vs template
  • Ansible Code reuse: Roles and Collections with Ansible Galaxy
    • Download and Use Ansible Galaxy Role - ansible-galaxy and requirements.yml
    • Download and Use Ansible Galaxy Collection - ansible-galaxy and requirements.yml
  • Ansible for Linux Filesystem
    • Create an empty file - Ansible module file
    • Create a text file - Ansible module copy
    • Check if a file exists - Ansible module stat
    • How to create a directory with Ansible?
    • How to check if a directory exists in Ansible?
    • How to rename a file or directory using an Ansible task on a remote system?
    • Change file permission - Ansible module file
    • Add Execute Permission 755 Linux file - Ansible module file
    • Delete file or directory - Ansible module file
    • Download a file - Ansible module get_url
    • Extract an archive - Ansible module unarchive
    • Create a symbolic link (also symlink or soft link) in Linux - Ansible module file
    • Create a hard link in Linux - Ansible module file
    • Mount a Windows share in Linux SMB/CIFS - Ansible module mount
    • Mount an NFS share in Linux - Ansible module mount
    • Concatenate multiple files in a specific order - Ansible module template and YAML
    • Backup With Rsync - Local to Remote - Ansible module synchronize
    • How to Delete Only Files Inside a Directory - Ansible module find
    • Find All Files with Extension - Ansible module find
    • Search for a String in a File -Ansible module lineinfile
    • Links
  • Ansible For Linux User Management
    • Ansible create a user account
    • Ansible remove user account
    • Ansible change user password
    • Ansible disable user account
    • Ansible enable user account
    • Ansible user password expiration
    • Ansible creates a group
    • Ansible deletes a group account
    • Ansible changes the User Primary Group on Linux
    • Ansible adds a user to a secondary group(s)
  • Ansible Playbook Code interact with Web Services API
    • Submit a GET request to a REST API endpoint - Interact with web services - Ansible module uri
    • Token-Based Authentication in REST API - Interact with web-service - Ansible module uri - Authentication request using the REST API token
  • Ansible For Containers
    • Ansible install Docker in Debian-like systems
    • Ansible install Docker in RedHat-like systems
    • Install Docker in Windows-like systems - Ansible module win_chocolatey
    • Install Zoom flatpak in Debian-like systems - Ansible module flatpak
    • Install Zoom flatpak in RedHat-like systems - Ansible module flatpak
    • Update Zoom flatpak(s) in Linux systems - Ansible module command
    • Install Spotify snap in Debian-like systems - Ansible module snap
    • Install Spotify snap in RedHat-like systems - Ansible module snap
    • Deploy Apache Web Server in a Docker Container for Debian-like systems - Ansible modules docker_image and docker_container
    • Deploy Apache Web Server in a Podman Container for RedHat-like systems - Ansible modules podman_image and podman_container
  • Ansible For Kubernetes
    • Install Red Hat CodeReady Containers to run OpenShift 4 in macOS
    • Create Kubernetes K8s or OpenShift OCP namespace project - Ansible module k8s
    • Create Kubernetes K8s or OpenShift OCP Pod - nginx - Ansible module k8s
    • Create Kubernetes K8s or OpenShift OCP Secret - Ansible module k8s
    • Create Kubernetes K8s or OpenShift OCP service - Ansible module k8s
    • Assign CPU Resources to Kubernetes K8s or OpenShift OCP Containers and Pods — Ansible module k8s
    • Assign Memory Resources to Kubernetes K8s or OpenShift OCP Containers and Pods - Ansible module k8s
    • Configure a Pod to Use a Volume for Storage - Ansible module k8s
    • Apply Multiple Yaml Files at Once on Kubernetes K8s or OpenShift OCP - Ansible module k8s and lookup plugin fileglob
  • Ansible For Linux Security
    • Set sysctl kernel parameters - Ansible module sysctl
    • Load and Unload Kernel Modules in Linux - Ansible module modprobe
    • Set the SELinux Policy States and Modes on Linux - Ansible module selinux
    • Configure Kernel Parameters in RedHat-like Linux systems - Ansible system role
    • Enable or Disable SELinux Boolean on Linux - Ansible module seboolean
    • Enable or Disable Permissive Domain in SELinux policy on Linux - Ansible module selinux_permissive
    • Vulnerability Scanner/Detector Log4Shell Remote Code Execution Log4j (CVE-2021–44228) — Ansible log4j-cve-2021–44228
  • Ansible Playbook Code for RedHat-like systems
    • Register a system with Red Hat Subscription-Manager - Ansible module redhat_subscription
    • Install a package in RedHat like systems - Ansible module yum
    • Rolling Update RedHat like systems - Ansible module yum
    • Open firewall ports in RedHat like systems - Ansible module firewalld
    • Install Google Chrome in RedHat-like systems - Ansible module rpm_key, yum_repos
    • Install Microsoft Edge in RedHat-like systems - Ansible module rpm_key, yum_repository and yum
    • NFS Server - Export an NFS Share in RedHat-like systems: RHEL, CentOS, CentOS Stream, Fedora - Ansible modules yum, file, lineinfile, command, firewalld, service
    • Deploy a web server apache httpd on RedHat-like systems - Ansible modules yum, copy, service firewalld
    • Deploy a proxy server squid on RedHat-like systems - Ansible modules yum, template, service and firewalld
    • Deploy a web server apache httpd virtualhost on RedHat-like systems - Ansible modules yum, file, copy, template, service and firewalld
  • Ansible Playbook Code for Debian-like systems
    • Install a package in Debian like systems - Ansible module apt
    • Rolling Update Debian-like systems - Ansible module apt
    • Open firewall ports in Debian like systems - Ansible module ufw
    • Install Google Chrome in Debian-like systems - Ansible module apt_key, apt_repos
    • Install Microsoft Edge in Debian-like systems - Ansible module apt_key, apt_repository and apt
    • Deploy a web server apache httpd on Debian-like systems - Ansible modules apt, copy, service and ufw
    • Deploy a web server apache httpd virtual host on Debian-like systems - Ansible modules apt, file, copy, template, command, ufw and service
  • Ansible Playbook Code for Suse-like systems
    • Install a package in Suse-like systems - Ansible module zypper
    • Install Google Chrome in Suse-like systems - Ansible module rpm_key, zypper_repo
  • Ansible Troubleshooting The Most Common Errors
    • Ansible troubleshooting - connection failed
    • Ansible troubleshooting - macOS fork error
    • Ansible troubleshooting - indentation error
    • Ansible troubleshooting - syntax error
    • Ansible troubleshooting - undefined variable
    • Ansible troubleshooting - invalid argument
    • Ansible troubleshooting - privilege escalation error
    • Ansible troubleshooting - missing sudo password and incorrect sudo password
    • Ansible troubleshooting - missing module parameter
    • Ansible troubleshooting - failure downloading
    • Ansible troubleshooting - chgrp failed
    • Ansible troubleshooting - not a valid attribute for a Play error
    • Ansible troubleshooting - fatal template error while templating string
    • Ansible troubleshooting - PowerShell incompatible with the sudo become plugin
    • Ansible troubleshooting - passwordless account
    • Ansible troubleshooting - user module password_expiry_min bug
    • Ansible troubleshooting - Windows 10 Error 0x80370102 WSL: Windows Subsystem for Linux
    • Ansible troubleshooting - Windows 11 Error 0x80370102 WSL: Windows Subsystem for Linux
    • Ansible troubleshooting - urlopen error
    • Ansible troubleshooting - destination does not exist
    • Ansible troubleshooting - Destination does not exist rc 257
    • Ansible troubleshooting - “role not found” error
    • Ansible troubleshooting - permission denied Errno 13
    • Ansible troubleshooting - VARIABLE IS NOT DEFINED! ansible_hostname
    • Ansible troubleshooting - This command has to be run under the root user
    • Ansible troubleshooting - Kubernetes K8s or OpenShift OCP 401 Unauthorized
  • Thank you

The Leanpub 60 Day 100% Happiness Guarantee

Within 60 days of purchase you can get a 100% refund on any Leanpub purchase, in two clicks.

Now, this is technically risky for us, since you'll have the book or course files either way. But we're so confident in our products and services, and in our authors and readers, that we're happy to offer a full money back guarantee for everything we sell.

You can only find out how good something is by trying it, and because of our 100% money back guarantee there's literally no risk to do so!

So, there's no reason not to click the Add to Cart button, is there?

See full terms...

80% Royalties. Earn $16 on a $20 book.

We pay 80% royalties. That's not a typo: you earn $16 on a $20 sale. If we sell 5000 non-refunded copies of your book or course for $20, you'll earn $80,000.

(Yes, some authors have already earned much more than that on Leanpub.)

In fact, authors have earnedover $13 millionwriting, publishing and selling on Leanpub.

Learn more about writing on Leanpub

Free Updates. DRM Free.

If you buy a Leanpub book, you get free updates for as long as the author updates the book! Many authors use Leanpub to publish their books in-progress, while they are writing them. All readers get free updates, regardless of when they bought the book or how much they paid (including free).

Most Leanpub books are available in PDF (for computers) and EPUB (for phones, tablets and Kindle). The formats that a book includes are shown at the top right corner of this page.

Finally, Leanpub books don't have any DRM copy-protection nonsense, so you can easily read them on any supported device.

Learn more about Leanpub's ebook formats and where to read them

Write and Publish on Leanpub

You can use Leanpub to easily write, publish and sell in-progress and completed ebooks and online courses!

Leanpub is a powerful platform for serious authors, combining a simple, elegant writing and publishing workflow with a store focused on selling in-progress ebooks.

Leanpub is a magical typewriter for authors: just write in plain text, and to publish your ebook, just click a button. (Or, if you are producing your ebook your own way, you can even upload your own PDF and/or EPUB files and then publish with one click!) It really is that easy.

Learn more about writing on Leanpub