Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Learn Ansible

You're reading from   Learn Ansible Automate your cloud infrastructure, security configuration, and application deployment with Ansible

Arrow left icon
Product type Paperback
Published in May 2024
Publisher Packt
ISBN-13 9781835088913
Length 414 pages
Edition 2nd Edition
Tools
Arrow right icon
Author (1):
Arrow left icon
Russ McKendrick Russ McKendrick
Author Profile Icon Russ McKendrick
Russ McKendrick
Arrow right icon
View More author details
Toc

Table of Contents (24) Chapters Close

Preface 1. Part 1: Introducing, Installing, and Running Ansible FREE CHAPTER
2. Chapter 1: Installing and Running Ansible 3. Chapter 2: Exploring Ansible Galaxy 4. Chapter 3: The Ansible Commands 5. Part 2: Deploying Applications
6. Chapter 4: Deploying a LAMP Stack 7. Chapter 5: Deploying WordPress 8. Chapter 6: Targeting Multiple Distributions 9. Chapter 7: Ansible Windows Modules 10. Part 3: Network and Cloud Automation
11. Chapter 8: Ansible Network Modules 12. Chapter 9: Moving to the Cloud 13. Chapter 10: Building Out a Cloud Network 14. Chapter 11: Highly Available Cloud Deployments 15. Chapter 12: Building Out a VMware Deployment 16. Part 4: Ansible Workflows
17. Chapter 13: Scanning Your Ansible Playbooks 18. Chapter 14: Hardening Your Servers Using Ansible 19. Chapter 15: Using Ansible with GitHub Actions and Azure DevOps 20. Chapter 16: Introducing Ansible AWX and Red Hat Ansible Automation Platform 21. Chapter 17: Next Steps with Ansible 22. Index 23. Other Books You May Enjoy

Why scan your playbooks?

While we have been taking a sensible approach to deploying our cloud resources in previous chapters, many of the guardrails we have put in place have all been ones I have learned through experience and by applying a little common sense.

For example, when launching a virtual machine resource in either Microsoft Azure or Amazon Web Services, we have been locking down the SSH or RDP service to the host’s public IP address, which is running Ansible; up until now, this has been your local machine rather than just opening SSH or RDP to the world by using 0.0.0.0/0 as the source address, which is the CIDR notation for allow all.”

This is not a problem for the workloads we have been working on; having a virtual machine exposed directly to the internet with its management port open for everyone to access is not considered best practice, as it will expose you to brute-force attacks, which, if they are successful, will not only lead to that...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image