Ansible Role to deploy the Threat Stack server agent.
- Amazon Linux
- CentOS
- RedHat
- Ubuntu
- Debian
The following variables are available for override.
| Variable | Type | Default | Required | Description |
|---|---|---|---|---|
| threatstack_deploy_key | String | Yes | Your TS deploy key. | |
| threatstack_feature_plan | String | Yes if 1x | (Agent 1.x only) TS Feature Plan. "i" for investigate/"m" for montior. | |
| threatstack_ruleset | Array | ["Base Rule Set"] | Array of rulesets to apply to hosts. | |
| threatstack_pkg_url | String | Depends on version | Location of package repo. Only change if you mirror your own. | |
| threatstack_pkg | String | threatstack-agent | Name of package. Specify package version using "threatstack-agent=X.Y.Z" (Debian/Ubuntu) or "threatstack-agent-X.Y.Z" (RedHat/CentOS/Amazon). |
|
| threatstack_pkg_validate | Boolean | yes | Should packages be validated? We default to yes, but if you repackage anything you may need to change this. | |
| threatstack_url | String | https://app.threatstack.com | The URL endpoint for Threat Stack. This should not change. | |
| threatstack_hostname | String | The display hostname in the Threat Stack UI. Defaults to hostname. | ||
| threatstack_configure_agent | Boolean | true | Set to false to not configure the host, just install the package. | |
| threatstack_agent_extra_args | String | Pass optional arguments during agent registration. | ||
| threatstack_agent_config_args | String | Pass optional configuration arguments after agent registration. |
Using ansible galaxy, best for ad-hoc command situations:
$ ansible-galaxy install threatstack.threatstack-ansible
To install into your playbook roles, use -p ROLES_PATH or --path=ROLES_PATH
$ ansible-galaxy install threatstack.threatstack-ansible -p /your/project/root/roles
Check out: Advanced Control over Role Requirements Files
- Install Threat Stack agent with the default rule set and reports system hostname to threatstack. This is the most basic configuration
- hosts: all
roles:
- { role: threatstack.threatstack-ansible, threatstack_deploy_key: XXXXXXXXXXXXX}
- Install Threat Stack agent with custom security rules set and custom hostname:
- hosts: web-servers
roles:
- role: threatstack.threatstack-ansible
threatstack_deploy_key: XXXXXXXXXXXXX
threatstack_ruleset:
- 'Base Rule Set'
- 'Custom Rule Set'
threatstack_hostname: dev_web01_us-east-1c
- Install the Threat Stack agent but do not configure it. NOTE: Useful for configuring a base image to be repeatedly deployed with the agent pre-installed.
- hosts: aws-image
roles:
- role: threatstack.threatstack-ansible
threatstack_configure_agent: false
- Install a particular version of the Threat Stack agent. Use in situations where you perform controlled rollouts of all new package versions.
- hosts: hosts
roles:
- role: threatstack.threatstack-ansible
threatstack_deploy_key: XXXXXXXXXXXXX
threatstack_pkg: threatstack-agent=1.9.0.0ubuntu14.0
None
Apache 2.0
See AUTHORS
Use github issues for bugs in this repo.