-
Notifications
You must be signed in to change notification settings - Fork 3
/
pillar.example
38 lines (38 loc) · 1.12 KB
/
pillar.example
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
cis:
{% if grains.kernel == 'Windows' %}
lookup:
pkgs:
java: jdk10
{% endif %}
java:
macos:
pkg_version: 10.0.2
pkg_source: https://your.hosting.location/jdk-10.0.2-x64.pkg
pkg_hash: https://your.hosting.location/jdk-10.0.2-x64.pkg.sha256sum
audit:
destination: master
hash: True
ccpd:
url: https://ccpd.your.hosting.location/CCPD/api/reports/upload
token: TOKEN_GOES_HERE
s3:
bucket: cis-reports
schedule:
hours: 1
{% if grains.os == 'CentOS' %}
tool: openscap
{% endif %}
cis_cat:
assessor:
source: 'https://your.hosting.location/cis/ciscat-full-bundle-2018-08-14-v3.0.51.tar.bz2'
source_hash: 'https://your.hosting.location/cis/ciscat-full-bundle-2018-08-14-v3.0.51.tar.bz2.sha256sum'
auto_assess: 2
{% if grains.os == 'MacOS' %}
profile: 'xccdf_org.cisecurity.benchmarks_profile_Level_2'
benchmark: 'CIS_Apple_OSX_10.12_Benchmark_v1.0.0.xml'
{% endif %}
openscap:
oscap:
arguments: '--fetch-remote-resources'
profile: 'pci-dss'
benchmark: 'ssg-centos7-xccdf.xml'