Threat Stack agent 1.x support is now removed
This version of the ansible role only supports Threat Stack agent 2.x or higher. For support of 1.x agent versions, please use the 4.x versions of the role.
Ansible Role to deploy the Threat Stack server agent.
- Amazon Linux
- CentOS
- RedHat
- Ubuntu
- Debian
The following variables are available for override.
| Variable | Type | Default | Required | Description |
|---|---|---|---|---|
| threatstack_deploy_key | String | Yes | Your TS deploy key. | |
| threatstack_ruleset | Array | ["Base Rule Set"] | Array of rulesets to apply to hosts. | |
| threatstack_pkg_url | String | Depends on version | Location of package repo. Only change if you mirror your own. | |
| threatstack_pkg | String | threatstack-agent | Name of package. Specify package version using "threatstack-agent=X.Y.Z" (Debian/Ubuntu) or "threatstack-agent-X.Y.Z" (RedHat/CentOS/Amazon). |
|
| threatstack_pkg_version | String | If defined, pins specific threatstack package version | ||
| threatstack_pkg_validate | Boolean | yes | Should packages be validated? We default to yes, but if you repackage anything you may need to change this. | |
| threatstack_url | String | https://app.threatstack.com | The URL endpoint for Threat Stack. This should not change. | |
| threatstack_hostname | String | The display hostname in the Threat Stack UI. Defaults to hostname. | ||
| threatstack_configure_agent | Boolean | true | Set to false to not configure the host, just install the package. | |
| threatstack_agent_extra_args | String | Pass optional arguments during agent registration. | ||
| threatstack_agent_config_args | String | Pass optional configuration arguments after agent registration. Must include --set before each argument in the setting. (Ex. --set log.level debug --set foo bar) |
||
| threatstack_agent_disable_service | Boolean | false | Make sure agent service is disabled and not running after installation |
Using ansible galaxy, best for ad-hoc command situations:
$ ansible-galaxy install threatstack.threatstack-ansible
To install into your playbook roles, use -p ROLES_PATH or --path=ROLES_PATH
$ ansible-galaxy install threatstack.threatstack-ansible -p /your/project/root/roles
Check out: Advanced Control over Role Requirements Files
- Install Threat Stack agent with the default rule set and reports system hostname to threatstack. This is the most basic configuration
- hosts: all
roles:
- { role: threatstack.threatstack-ansible, threatstack_deploy_key: XXXXXXXXXXXXX}
- Install Threat Stack agent with custom security rules set and custom hostname:
- hosts: web-servers
roles:
- role: threatstack.threatstack-ansible
threatstack_deploy_key: XXXXXXXXXXXXX
threatstack_ruleset:
- 'Base Rule Set'
- 'Custom Rule Set'
threatstack_hostname: dev_web01_us-east-1c
- Install the Threat Stack agent but do not configure it. NOTE: Useful for configuring a base image to be repeatedly deployed with the agent pre-installed.
- hosts: aws-image
roles:
- role: threatstack.threatstack-ansible
threatstack_configure_agent: false
- Install a particular version of the Threat Stack agent. Use in situations where you perform controlled rollouts of all new package versions.
- hosts: hosts
roles:
- role: threatstack.threatstack-ansible
threatstack_deploy_key: XXXXXXXXXXXXX
threatstack_pkg: threatstack-agent=2.0.0.0ubuntu20.0
None
Apache 2.0
See AUTHORS
Use github issues for bugs in this repo.
See the CONTRIBUTING document for details.