IT is undergoing a massive paradigm shift. From a time when uptime was a measure of IT success, we are moving to the idea of immutable infrastructure, where, based on the requirements, we can spin up and trash a server on demand automatically. Ansible is playing a lead role in this transformation. It has become the tool of choice for companies big and small, for tasks that range from a single server to entire clusters.
This book is about security automation. We apply our knowledge of Ansible to different scenarios and workloads that revolve around security, hence the title. When boring and mundane tasks are automated, people doing those tasks can focus on solving the security problems they are dealing with. This enables a whole new way of looking at how we learn about security (trainings), how much log data we can store, process, and analyze (DFIR), how we can keep applying security updates without any interruptions (security operations), and more.
In this book, we will share our experience of the types of automation we can enable using Ansible. You may be familiar with some of these, or they may be entirely new to you. Regardless, rather than trying to prescribe how Ansible should be used, we hope that you will read and understand how you can take each of these playbooks/workflows, and make your security work faster, better, and more reliable, or simply have fun creating complex infrastructure scenarios for yourself or others.
This book would not have been possible without the excellent documentation provided by the folks at Red Hat Ansible and countless other blogs and projects already creating secure, resilient playbooks that we can all learn from and use.
The book is divided into three main sections:
- Essential Ansible you should be familiar with, for building useful playbooks
- Security automation techniques and approaches
- Extending and programming Ansible for even more security
The idea is to get you to quickly refresh your knowledge of Ansible and move on to becoming productive with it, and toward the end, you'll see how you can do even more by extending Ansible or creating your own security modules.