You're reading from Learn Ansible Automate your cloud infrastructure, security configuration, and application deployment with Ansible

Product type Paperback

Published in May 2024

Publisher Packt

ISBN-13 9781835088913

Length 414 pages

Edition 2nd Edition

Tools

Ansible

Concepts

Cloud Computing

Author (1):

Russ McKendrick

View More author details

Table of Contents (24) Chapters

Preface

1. Part 1: Introducing, Installing, and Running Ansible FREE CHAPTER

2. Chapter 1: Installing and Running Ansible

3. Chapter 2: Exploring Ansible Galaxy

4. Chapter 3: The Ansible Commands

5. Part 2: Deploying Applications

6. Chapter 4: Deploying a LAMP Stack

7. Chapter 5: Deploying WordPress

8. Chapter 6: Targeting Multiple Distributions

9. Chapter 7: Ansible Windows Modules

10. Part 3: Network and Cloud Automation

11. Chapter 8: Ansible Network Modules

12. Chapter 9: Moving to the Cloud

13. Chapter 10: Building Out a Cloud Network

14. Chapter 11: Highly Available Cloud Deployments

15. Chapter 12: Building Out a VMware Deployment

16. Part 4: Ansible Workflows

17. Chapter 13: Scanning Your Ansible Playbooks

18. Chapter 14: Hardening Your Servers Using Ansible

19. Chapter 15: Using Ansible with GitHub Actions and Azure DevOps

20. Chapter 16: Introducing Ansible AWX and Red Hat Ansible Automation Platform

21. Chapter 17: Next Steps with Ansible

22. Index

Why subscribe?

23. Other Books You May Enjoy

Summary

In this chapter, we have covered two tools that we can add to our workflows, and we manually ran scans against the playbook we developed in Chapter 11, Highly Available Cloud Deployments. As mentioned in the chapter, Checkov's support for Ansible is relatively new, so it has a different coverage to KICS. However, I am sure you agree that both tools worked well.

Important note

There is one elephant in the room, though; even without the same coverage level, both tools came up with slightly different results, so you should never rely on them 100% to fully secure your deployments. Think of them as trusted colleagues reviewing your code for anything obvious that stands out as being an issue rather than a security-focused cloud platform architect with a working knowledge of your workload who dictates precisely what measures you should take when deploying your infrastructure in a secure way fully.

As already mentioned at the end of the previous section, we will be revisiting...