Role to install (by default) terrascan on Debian/Ubuntu and EL systems. terrascan detects compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
None.
Available variables are listed below (located in defaults/main.yml):
terrascan_app: terrascan
terrascan_version: 1.19.9
terrascan_os: "{{ ansible_system }}"
terrascan_architecture_map:
amd64: x86_64
arm: arm64
x86_64: x86_64
armv6l: armv6
armv7l: armv7
aarch64: arm64
32-bit: "i386"
64-bit: x86_64
terrascan_dl_url: https://github.com/tenable/{{ terrascan_app }}/releases/download/v{{ terrascan_version }}/{{ terrascan_app }}_{{ terrascan_version }}_{{ terrascan_os }}_{{ terrascan_architecture_map[ansible_architecture] }}.tar.gz
terrascan_bin_path: /usr/local/bin
terrascan_file_owner: root
terrascan_file_group: root
terrascan_file_permission_mode: '0755'| Variable | Description |
|---|---|
| terrascan_app | Defines the app to install i.e. terrascan |
| terrascan_version | Defined to dynamically fetch the desired version to install. Defaults to: 1.19.9 |
| terrascan_os | Defines os type. |
| terrascan_architecture_map | Defines os architecture. |
| terrascan_dl_url | Defines URL to download the terrascan binary from. |
| terrascan_bin_path | Defined to dynamically set the appropriate path to store terrascan binary into. Defaults to (as generally available on any user's PATH): /usr/local/bin |
| terrascan_file_owner | Owner for the binary file of terrascan. |
| terrascan_file_group | Group for the binary file of terrascan. |
| terrascan_file_permission_mode | Defines the permission mode level for the file. Defaults to: 0755 |
None
For default behaviour of role (i.e. installation of terrascan) in ansible playbooks.
- hosts: servers
roles:
- darkwizard242.terrascanFor customizing behavior of role (i.e. specifying the desired terrascan version) in ansible playbooks.
- hosts: servers
roles:
- darkwizard242.terrascan
vars:
terrascan_version: 1.15.0For customizing behavior of role (i.e. placing binary of terrascan package in different location) in ansible playbooks.
- hosts: servers
roles:
- darkwizard242.terrascan
vars:
terrascan_bin_path: /bin/This role was created by Ali Muhammad.