13
Scanning Your Ansible Playbooks
In this chapter, you will learn how to scan your Ansible playbooks using two third-party tools: Checkov and KICS. Both are open source and can help you identify and fix common configuration issues within your Ansible code, such as syntax errors, misconfigurations, hardcoded secrets, and deployment problems, which could lead to potential breaches.
By the end of this chapter, you will have done the following:
- Installed and run Checkov and KICS scans on our Ansible playbooks
- Reviewed the results and reports generated during the scans
- Fixed any issues detected during the scans
The chapter covers the following topics:
- Why scan your playbooks?
- Docker overview and installation
- Exploring Checkov
- Exploring KICS
Get Learn Ansible - Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.