Naveen Chauhan naavveenn

## Audit Logs
#Audit Logs
apt-get install auditd audispd-plugins -y
systemctl enable auditd

#Ensure audit logs are not automatically deleted
echo ""max_log_file_action = keep_logs"" >> /etc/audit/auditd.conf

#Ensure events that modify date and time information are collected
echo ""-a always,exit -F arch=b64 -S adjtimex -S settimeofday -k time-change"" >> /etc/audit/audit.rules

## AMI_Creation
---
#Creating an AMI based on time but need to schedule this job on Ansible-Tower based on intervals
- hosts: local
  connection: local
  gather_facts: no
  vars:
    aws_region: ap-south-1
  tasks:
  - name: Getting the facts of the system
    setup: filter=ansible_date_time

## EC2 Alarm
---
- hosts: local
  connection: local
  vars_files:
  - /home/ansible/awscreds_ec2.yml    #contain varible info as mentioned in comments
  tasks:
  - name: Get Instance ID
    ec2_instance_facts:
      aws_access_key: "{{ aws_id }}"
      aws_secret_key: "{{ aws_key }}"

## Memory&Disk Playbook
---
#Creating memory alarm and make sure CLoudwatch role is assigned to the ec2 instances
- hosts: all     #must have valid ips,ssh-keys and user-name.
  become: yes
  gather_facts: yes
  tasks:
  - name: Installing the required packages for Ubuntu Dist
    apt:
      name: "{{ item }}"
      update_cache: yes

## User Creation
---
##Creating multipple users##
- hosts: all
  become: yes
  gather_facts: no
  vars_prompt:
    - name: pass
      prompt: "Please enter the password"
  tasks:
    - name: Creating users

## Kubernetes Commands
root@kube01:~# kubectl get nodes
NAME      STATUS    ROLES         AGE       VERSION
kube01    Ready     master,node   7m        v1.8.3+coreos.0
kube02    Ready     master,node   7m        v1.8.3+coreos.0
kube03    Ready     node          7m        v1.8.3+coreos.0
kube04    Ready     node          7m        v1.8.3+coreos.0


root@kube01:~# kubectl get componentstatuses
NAME                 STATUS    MESSAGE              ERROR

## Get instance info like instance_id, ips
---
 - hosts: local
   connection: local
   gather_facts: yes
   vars:
     aws_region: ap-south-1
     aws_access_key: asfhafsfaadvadvdv
     aws_secret_key: KVsfioefln845141cashcgaksjsdvsdv
   tasks:
   - name: get instance id

## RDS Alarms
---
- hosts: local
  connection: local
  vars_files:
  - /home/ansible/awscreds.yml     # contains var info as mention in comment
  tasks:
  - name: Get DB instance name
    shell: aws rds describe-db-instances --query DBInstances[*].DBInstanceIdentifier --region "{{ aws_region }}" --output text | tr "\t" "\n" > "{{ path }}"
    register: rds_instances

## Lynis Audit
---
 - hosts: demo   #list of servers
   become: yes
   tasks:
   - name: Check if Git is installed or not for Debian distro
     shell: dpkg -s git              #check if git is installed or not
     ignore_errors: True
     register: output
     when: ansible_os_family == "Debian"

## Install Mod_Evasive
Step1:- Installing Dependencies
yum install gcc make
yum install libxml2 libxml2-devel httpd-devel pcre-devel curl-devel

Step2:--
cd /usr/src
wget http://www.zdziarski.com/blog/wp-content/uploads/2010/02/mod_evasive_1.10.1.tar.gz
tar xzf mod_evasive_1.10.1.tar.gz
cd mod_evasive
apxs -cia mod_evasive20.c
	#Audit Logs
	apt-get install auditd audispd-plugins -y
	systemctl enable auditd

	#Ensure audit logs are not automatically deleted
	echo ""max_log_file_action = keep_logs"" >> /etc/audit/auditd.conf

	#Ensure events that modify date and time information are collected
	echo ""-a always,exit -F arch=b64 -S adjtimex -S settimeofday -k time-change"" >> /etc/audit/audit.rules
	---
	#Creating an AMI based on time but need to schedule this job on Ansible-Tower based on intervals
	- hosts: local
	connection: local
	gather_facts: no
	vars:
	aws_region: ap-south-1
	tasks:
	- name: Getting the facts of the system
	setup: filter=ansible_date_time
	---
	- hosts: local
	connection: local
	vars_files:
	- /home/ansible/awscreds_ec2.yml #contain varible info as mentioned in comments
	tasks:
	- name: Get Instance ID
	ec2_instance_facts:
	aws_access_key: "{{ aws_id }}"
	aws_secret_key: "{{ aws_key }}"
	---
	#Creating memory alarm and make sure CLoudwatch role is assigned to the ec2 instances
	- hosts: all #must have valid ips,ssh-keys and user-name.
	become: yes
	gather_facts: yes
	tasks:
	- name: Installing the required packages for Ubuntu Dist
	apt:
	name: "{{ item }}"
	update_cache: yes
	---
	##Creating multipple users##
	- hosts: all
	become: yes
	gather_facts: no
	vars_prompt:
	- name: pass
	prompt: "Please enter the password"
	tasks:
	- name: Creating users
	root@kube01:~# kubectl get nodes
	NAME STATUS ROLES AGE VERSION
	kube01 Ready master,node 7m v1.8.3+coreos.0
	kube02 Ready master,node 7m v1.8.3+coreos.0
	kube03 Ready node 7m v1.8.3+coreos.0
	kube04 Ready node 7m v1.8.3+coreos.0


	root@kube01:~# kubectl get componentstatuses
	NAME STATUS MESSAGE ERROR
	---
	- hosts: demo #list of servers
	become: yes
	tasks:
	- name: Check if Git is installed or not for Debian distro
	shell: dpkg -s git #check if git is installed or not
	ignore_errors: True
	register: output
	when: ansible_os_family == "Debian"
	Step1:- Installing Dependencies
	yum install gcc make
	yum install libxml2 libxml2-devel httpd-devel pcre-devel curl-devel

	Step2:--
	cd /usr/src
	wget http://www.zdziarski.com/blog/wp-content/uploads/2010/02/mod_evasive_1.10.1.tar.gz
	tar xzf mod_evasive_1.10.1.tar.gz
	cd mod_evasive
	apxs -cia mod_evasive20.c