book

Security Automation with Ansible 2

by Akash Mahajan, MADHU AKULA

December 2017

Intermediate to advanced

364 pages

7h 30m

English

Packt Publishing

Read now

Unlock full access

Content preview from Security Automation with Ansible 2

Anchore CLI scanner

Now that we have the Anchore Engine service REST API with access details, we can use this to perform the scanning of container images in any host. The following steps are the Ansible Tower setup to perform continuous scanning of container images for vulnerabilities.

The playbook for scanning a container image is shown as follows:

- name: anchore-cli scan  hosts: anchore  become: yes  vars:    scan_image_name: "docker.io/library/ubuntu:latest"    anchore_vars:      ANCHORE_CLI_URL: http://localhost:8228/v1      ANCHORE_CLI_USER: admin      ANCHORE_CLI_PASS: secretpassword  tasks:    - name: installing anchore-cli      pip:        name: "{{ item }}"      with_items:        - anchorecli        - pyyaml        - name: downloading image      docker_image:         name: "{{ scan_image_name }}" - name: ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Implementing DevOps with Ansible 2

Jonathan McAllister

Practical Ansible 2

Daniel Oh, James Freeman, Fabio Alessandro Locati

Learning Ansible 2 - Second Edition

Fabio Alessandro Locati

Practical Security Automation and Testing

Tony Hsiang-Chih Hsu

Publisher Resources

ISBN: 9781788394512Supplemental Content