This blog will cover how we can pass custom values into the SaltStack state that make up the security checks. Such customisation provides the ability to define SaltStack compliance policies with a custom variable value. It essentially supports applying certain checks with required variables using the out-of-the-box CIS benchmarks, e.g. security compliance check “Ensure password expiration is 365 days or less”, which will ensure password expiration is 365 days or less. However, my standard policy accepts password expiration to 180 days. Variables are used to customize policies to the specific organization’s internal policies. Please note that this process is not applicable If you like to create and test custom compliance…
-
-
Patching Linux VM using VMware SaltStack Config Management
This blog will cover VM workload configuration management by using SaltStack, which provides configuration management besides compliance and vulnerability capabilities for the workload. Before we dive into how to use SaltStack config management functionalities, I will quickly share a bit more on VMware SaltStack. SaltStack, by default, comes as SaltStack Config, which helps maintain configuration and perform day 2 actions. Essentially, the benefit of SaltStack is to provide native config management, self-healing config with event-driven automation & orchestration. It supports building and scheduling repeatable jobs for self-service automation. Also, preserve tons of workload/systems with fast, hyper-scale automation. SaltStack supports flexible control with agents, agentless, and API proxy agents. For more…