Enhancing Secure Deployment with Ansible: A Focus on Least Privilege and Automation for Linux - Service IntEgration and netwoRk Administration
Communication Dans Un Congrès Année : 2024

Enhancing Secure Deployment with Ansible: A Focus on Least Privilege and Automation for Linux

Résumé

As organisations increasingly adopt Infrastructure as Code (IaC), ensuring secure deployment practices becomes paramount. Ansible is a well-known open-source and modular tool for automating IT management tasks. However, Ansible is subject to supply-chain attacks that can compromise all managed hosts. This article presents a semi-automated process that improves Ansible-based deployments to have fine-grained control on administrative privileges granted to Ansible tasks. We describe the integration of the RootAsRole framework to Ansible. Finally, we analyse the limit of the current implementation.
Fichier principal
Vignette du fichier
ares2024-179.pdf (846.27 Ko) Télécharger le fichier
Origine Publication financée par une institution

Dates et versions

hal-04663452 , version 1 (10-12-2024)

Identifiants

Citer

Eddie Billoir, Romain Laborde, Ahmad Samer Wazan, Yves Rutschle, Abdelmalek Benzekri. Enhancing Secure Deployment with Ansible: A Focus on Least Privilege and Automation for Linux. Workshop on Advances in Secure Software Deployments (ASOD 2024) at the19th International Conference on Availability, Reliability and Security, Jul 2024, Vienne, Austria. pp.56, ⟨10.1145/3664476.3670929⟩. ⟨hal-04663452⟩
132 Consultations
0 Téléchargements

Altmetric

Partager

More