Installs AWS Inspector (awsagent) on RedHat/CentOS or Debian/Ubuntu.
None.
Available variables are listed below, along with default values (see defaults/main.yml):
aws_inspector_url: "https://d1wk0tztpsntt1.cloudfront.net/linux/latest/install"
aws_inspector_installer_dest: /tmp/aws_inspector_agent_installer
URL from which inspector installer will be downloaded, and temporary directory where installer will be stored.
awsagent_state: started
awsagent_enabled: true
Control the awsagent service; by default, for Amazon Inspector to work correctly, you must have awsagent running on any server you want inspected.
There is also a handler, restart awsagent, which can be used to restart the agent.
aws_inspector_role_test_mode: false
Set this to true if testing or using this role outside of an EC2 instance (e.g. if testing in CI or building a server in a different cloud environment).
There is also support for proxy configuration:
aws_inspector_proxy_enabled: false
aws_inspector_https_proxy: 127.0.0.1:8080
aws_inspector_http_proxy: 127.0.0.1:8080
aws_inspector_no_proxy: 169.254.169.254
Set aws_inspector_proxy_enabled to true and configure the rest of *_proxy variables to create a /etc/init.d/awsagent.env file that will enable proxy support.
None.
- hosts: ec2-instances
roles:
- geerlingguy.aws-inspector
MIT / BSD
This role was created in 2017 by Jeff Geerling, author of Ansible for DevOps.