Red Hat Ansible Automation Controller Application Server Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Automation Controller must be capable of reverting to the last known good configuration in the event of failed installations and upgrades.
Any changes to the components of Automation Controller can have significant effects on the overall security of the system. In order to ensure a prompt response to failed application installations ...Rule Medium Severity -
SRG-APP-000148-AS-000101
Group -
SRG-APP-000153-AS-000104
Group -
Automation Controller must be configured to authenticate users individually, prior to using a group authenticator.
Default superuser accounts, such as "root", are considered group authenticators. In the case of Automation Controller this is the "admin" account.Rule Medium Severity -
SRG-APP-000172-AS-000121
Group -
Automation Controller must utilize encryption when using LDAP for authentication.
To avoid access with malicious intent, passwords will need to be protected at all times. This includes transmission where passwords must be encrypted for security.Rule Medium Severity -
SRG-APP-000290-AS-000174
Group -
SRG-APP-000371-AS-000077
Group -
Automation Controller must compare internal application server clocks at least every 24 hours with an authoritative time source.
When conducting forensic analysis and investigating system events, it is critical that timestamps accurately reflect the time of application events. If timestamps are not deemed to be accurate, the...Rule Medium Severity -
SRG-APP-000427-AS-000264
Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.