From e5500dd79d9d3554f65b09225b97a3c9201b4300 Mon Sep 17 00:00:00 2001 From: Mathieu Fortin Date: Mon, 13 Jan 2025 16:22:49 -0500 Subject: [PATCH] Update section names and conditions Signed-off-by: Mathieu Fortin --- tasks/section_1/main.yml | 15 +++++++-------- tasks/section_5/main.yml | 1 + 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/tasks/section_1/main.yml b/tasks/section_1/main.yml index c1df0a2..4bbb67c 100644 --- a/tasks/section_1/main.yml +++ b/tasks/section_1/main.yml @@ -1,6 +1,6 @@ --- -- name: "SECTION | 1.1.1.x | Disable unused filesystems" +- name: "SECTION | 1.1.1.x | Configure Filesystem Kernel Modules" ansible.builtin.import_tasks: file: cis_1.1.1.x.yml @@ -32,24 +32,23 @@ ansible.builtin.import_tasks: file: cis_1.1.2.7.x.yml -- name: "SECTION | 1.2 | Configure Software Updates" +- name: "SECTION | 1.2 | Configure Software Updates and Patch Management" ansible.builtin.import_tasks: file: cis_1.2.x.yml -- name: "SECTION | 1.3 | Filesystem Integrity Checking" +- name: "SECTION | 1.3 | Congiure Secure Boot Settings" ansible.builtin.import_tasks: file: cis_1.3.x.yml - when: amazon2cis_config_aide -- name: "SECTION | 1.4 | Secure Boot Settings" +- name: "SECTION | 1.4 | Configure Additional Process Hardening" ansible.builtin.import_tasks: file: cis_1.4.x.yml -- name: "SECTION | 1.5 | Additional Process Hardening" +- name: "SECTION | 1.5 | Mandatory Access Control" ansible.builtin.import_tasks: file: cis_1.5.x.yml + when: not amazon2cis_selinux_disable -- name: "SECTION | 1.6 | Mandatory Access Control" +- name: "SECTION | 1.6 | Configure Command Line Warning Banners" ansible.builtin.import_tasks: file: cis_1.6.x.yml - when: not amazon2cis_selinux_disable diff --git a/tasks/section_5/main.yml b/tasks/section_5/main.yml index e1b7e99..0522046 100644 --- a/tasks/section_5/main.yml +++ b/tasks/section_5/main.yml @@ -39,3 +39,4 @@ - name: "SECTION | 5.3.x | Aide" ansible.builtin.import_tasks: file: cis_5.3.x.yml + when: amazon2cis_config_aide