Ansible Connector

Getting started with Ansible connector


Technical Overview

The Ansible connector is a decentralized solution, so there is no server to communicate with.
Ansible playbooks can be run on Red Hat, CentOS, and Ubuntu.
The technical flow is as follows:

Defining a Connector

In the Connectors page, click on Add a Connector.

Click on the Ansible connector.

Click on Create.

Deploy patch using Ansible playbooks

One of the most powerful abilities of Vulcan is to generate playbooks to remediate vulnerabilities.
From Vulnerabilities, click on the vulnerability you want to run an Ansible playbook on.
Click on Take Action --> Deploy a patch

The configuration dialog for creating your Ansible playbook now opens:

Click on Add new to set the S3 bucket that the Ansible playbook will be pushed to

Select the Ansible version and username

Click on Deploy fix
The Ansible playbooks are pushed to the defined S3 bucket and ready to use.

Automating Ansible playbook

Vulcan's automation module is one of the biggest advantages of the platform. You can create auto-generated Ansible playbooks based on vulnerabilities' attributes.

  1. Go to Automation and Create new Playbook

  2. Define a name for your Playbook

  3. Choose which vulnerabilities to remediate with Ansible playbook, for example:
    Vulnerabilities that were reported by Qualys and are on assets with 'Production' tag

  4. Choose a Remediation action to generate Ansible scripts. The fields are the same as explained in the 'Deploy patch using Ansible playbooks' section

  5. Click Save

That's it! From now on, an Ansible playbook will be generated and uploaded to the S3 bucket based on your Vulcan playbook.

Note

When deploying an Ansible script for Python vulnerabilities on Ubuntu assets, add the path to your Python interpreter to the script, below become_user.

Example:

vars:
    ansible_python_interpreter: /usr/bin/python3

(Use your own path and Python version)
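
When playbooks are generated automatically, the edit described in this note can be applied by a small script before the playbook is run. The following is an added example, not Vulcan's own code: the function names, the sample playbook and its layout are assumptions made for illustration, and only the variable name and path come from the note above.

```python
import re

KEY = "ansible_python_interpreter"
# Assumed layout: plays start at column 0, play-level keys are indented two
# spaces and vars entries four.
BECOME = re.compile(r"(?:- |  )become_user\s*:")
ANY_VARS = re.compile(r"(?:- |  )vars\s*:")
VARS_BLOCK = re.compile(r"(?:- |  )vars\s*:\s*(?:#.*)?$")

# Constructed sample; not an actual generated playbook.
SAMPLE = """\
---
- hosts: ubuntu_assets
  become: yes
  become_user: root
  tasks:
    - name: Upgrade a vulnerable Python package
      pip:
        name: example-package
        state: latest
"""

def _patch_play(play, interpreter):
    """Return the lines of one play with the interpreter variable set."""
    if any(re.match(rf"\s*{KEY}\s*:", ln) for ln in play):
        return play  # already set: keep the existing value
    become = next((i for i, ln in enumerate(play) if BECOME.match(ln)), None)
    if become is None:
        return play  # no play-level become_user: nothing to anchor on
    setting = f"    {KEY}: {interpreter}"
    for i, ln in enumerate(play):
        if ANY_VARS.match(ln):
            if VARS_BLOCK.match(ln):  # extend the existing vars block
                return play[:i + 1] + [setting] + play[i + 1:]
            return play  # inline vars mapping: leave for manual editing
    return play[:become + 1] + ["  vars:", setting] + play[become + 1:]

def set_python_interpreter(text, interpreter="/usr/bin/python3"):
    """Add ansible_python_interpreter below become_user in every play."""
    plays, current = [], []
    for line in text.splitlines():
        if line.startswith("- ") and current:  # a new play begins
            plays.append(current)
            current = []
        current.append(line)
    plays.append(current)
    patched = [ln for play in plays for ln in _patch_play(play, interpreter)]
    return "\n".join(patched) + "\n"

if __name__ == "__main__":
    print(set_python_interpreter(SAMPLE), end="")
```

Task-level become_user lines are ignored, and a play that already sets the variable is returned unchanged, so the script can be run repeatedly on the same file.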
