Learning Puppet Security
暫譯: 學習 Puppet 安全性

Secure your IT environments with the powerful security tools of Puppet

About This Book

• Pass a compliance audit by showing the concrete state of your systems using Puppet
• Secure your Puppet server to minimize risks associated with misconfigured installations using the gdsoperations/auditd module
• Attain in-depth knowledge of all the security aspects related to Puppet with the help of a step-by-step approach and attain the practical skills required to develop applications

Who This Book Is For

If you are a security professional whose workload is increasing, or a Puppet professional looking to increase your knowledge of security, or even an experienced systems administrator, then this book is for you. This book will take you to the next level of security automation using Puppet. The book requires no prior knowledge of Puppet to get started.

What You Will Learn

• Use Puppet manifests to show system compliance and track changes to the operating system resources
• Generate security reports using PuppetDB to show that the systems are up to date
• Automate CIS compliance using community modules
• Configure firewalls automatically based on roles
• Demystify the Puppet SSL stack
• Set up centralized logging with dashboard search functionality using Elasticsearch, Logstash, and Kibana
• Configure your systems to be secure automatically using SELinux with Puppet
• Use Puppet to assist with PCI DSS compliance

In Detail

As application and server environments become more complex, managing security and compliance becomes a challenging situation. By utilizing Puppet and the tools associated with it, you can simplify and automate many of the more repetitive security-related tasks.

Beginning with the simplest cases, you will quickly get up and running by looking at an example Puppet manifest. Moving on, you will learn how to use Puppet to track changes to environments and how this can be used for compliance. As your knowledge increases, you will then get to explore community modules and learn how they can help simplify the deployment of your Puppet environment by using pre-written code contributed by community members. By the end of this book, you will be able to implement a complete centralized logging solution using Logstash and community modules.