Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Learning Puppet Security
  • Table Of Contents Toc
  • Feedback & Rating feedback
Learning Puppet Security

Learning Puppet Security

By : Slagle
4 (3)
Buy this Book
close
close
Learning Puppet Security

Learning Puppet Security

4 (3)
By: Slagle
Buy this Book

Overview of this book

If you are a security professional whose workload is increasing, or a Puppet professional looking to increase your knowledge of security, or even an experienced systems administrator, then this book is for you. This book will take you to the next level of security automation using Puppet. The book requires no prior knowledge of Puppet to get started.
Table of Contents (12 chapters)
close
close
close
Preface
Icon
Preface
Icon
What this book covers
Icon
What you need for this book
Icon
Who this book is for
Icon
Convention
Icon
Reader feedback
Icon
Customer support
Lock Free Chapter
1
1. Puppet as a Security Tool
Icon
1. Puppet as a Security Tool
Icon
What is Puppet?
Icon
Installing and configuring Puppet
Icon
Preparing the environment for examples
Icon
Puppet for security and compliance
Icon
Example – using Puppet to secure openssh
Icon
Summary
2
2. Tracking Changes to Objects
chevron up
Icon
2. Tracking Changes to Objects
Icon
Change tracking with Puppet
Icon
The audit meta-parameter
Icon
Using audit on files
Icon
Auditing the password file
Icon
Audit on other resource types
Icon
Auditing a package
Icon
Things to know about audit
Icon
Alternatives to auditing
Icon
Using noop
Icon
Summary
3
3. Puppet for Compliance
Icon
3. Puppet for Compliance
Icon
Using manifests to document the system state
Icon
Tracking history with version control
Icon
Facts for compliance
Icon
The PCI DSS and how Puppet can help
Icon
Summary
4
4. Security Reporting with Puppet
Icon
4. Security Reporting with Puppet
Icon
Basic Puppet reporting
Icon
PuppetDB and reporting
Icon
Reporting for compliance
Icon
Summary
5
5. Securing Puppet
Icon
5. Securing Puppet
Icon
Puppet security related configuration
Icon
SSL and Puppet
Icon
Autosigning certificates
Icon
Summary
6
6. Community Modules for Security
Icon
6. Community Modules for Security
Icon
The Puppet Forge
Icon
The herculesteam/augeasproviders series of modules
Icon
The arildjensen/cis module
Icon
The saz/sudo module
Icon
The hiera-eyaml gem
Icon
Summary
7
7. Network Security and Puppet
Icon
7. Network Security and Puppet
Icon
Introducing the firewall module
Icon
The firewall type
Icon
The firewallchain type
Icon
Creating pre and post rules
Icon
Adding firewall rules to other modules
Icon
Summary
8
8. Centralized Logging
Icon
8. Centralized Logging
Icon
Welcome to logging happiness
Icon
Logstash and Puppet
Icon
Installing Elasticsearch
Icon
Reporting on log data
Icon
Configuring hosts to report log data
Icon
Summary
9
9. Puppet and OS Security Tools
Icon
9. Puppet and OS Security Tools
Icon
Introducing SELinux and auditd
Icon
SELinux and Puppet
Icon
Configuring SELinux with community modules
Icon
Configuring auditd with community modules
Icon
Summary
10
A. Going Forward
Icon
A. Going Forward
Icon
What we've learned
Icon
Where to go next
Icon
Final thoughts
11
Index
Icon
Index

Change tracking with Puppet

Puppet has a variety of ways to track changes. In its normal mode of operation, Puppet will track (and correct) changes to any resources in its catalog. This is by its nature what it's designed for. This can let you know that items have changed, but at the same time let you know that you can correct them to be the way you want them to be specified.

If you don't have a set state for your resources and you just want to know whether they have changed, you can use the audit meta-parameter. There is some evidence that this will be deprecated in Puppet 4; however, it is currently still available as this book is being written.

Finally, one can use noop to monitor changes. In this mode, Puppet will report on any changes to a resource from its baseline; however, it will not make an effort to change them back.

Noop can be used in a variety of fashions and will be covered at the end of the chapter.

The following table summarizes the available change tracking options:

 

Declared...

Visually different images
CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Learning Puppet Security
End of Section 2
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon