Technical Overview
The Ansible connector is a decentralized solution, so there is no server to communicate with.
Ansible playbooks can be run on Red Hat, CentOS, and Ubuntu.
The technical flow is as follows:
Defining a Connector
In the Connectors page, click on Add a Connector.
Click on the Ansible connector.
Click on Create.
Deploy patch using Ansible playbooks
One of the most powerful abilities of Vulcan is to generate playbooks to remediate vulnerabilities.
From Vulnerabilities, click on the vulnerability you want to run an Ansible playbook on.
Click on Take Action --> Deploy a patch
The configuration dialog for creating your Ansible playbook opens:
Click on Add new to set the S3 bucket that the Ansible playbook will be pushed to
Select the Ansible version and username
Click on Deploy fix
The Ansible playbooks are pushed to the defined S3 bucket and ready to use.
Automating Ansible playbook
Vulcan's automation module is one of the biggest advantages of the platform. You can have Ansible playbooks generated automatically, based on vulnerabilities' attributes.
Go to Automation and Create new Playbook
Define a name for your Playbook
Choose which vulnerabilities to remediate with Ansible playbook, for example:
Vulnerabilities that were reported by Qualys and are on assets with the 'Production' tag
Choose a Remediation action to generate Ansible scripts. The fields are the same as explained in the 'Deploy patch using Ansible playbooks' section
Click Save
That's it! From now on, an Ansible playbook will be generated and uploaded to the S3 bucket based on your Vulcan playbook.
Note
When deploying an Ansible script for Python vulnerabilities on Ubuntu assets, add the path to your Python interpreter to the script, below become_user.
Example:
vars:
  ansible_python_interpreter: /usr/bin/python3
(Use your own path and Python version)