ansible – Kevin Wells

HOME
Skills & Experience
Current Threats & Trends
Articles
- Automation & MonitoringStreamline operations with Ansible workflows, logging pipelines, and proactive monitoring.
- Backups & DRProtect data and maintain continuity with resilient backup and recovery strategies.
- Cloud SecurityDefend AWS and hybrid environments with strong identity, policy, and monitoring controls.
- Identity & Access Management (IAM)Secure access with SSH keys, sudo, PAM, and cloud IAM roles.
- System HardeningSecure Linux systems through patching, CIS benchmarks, and OS lockdown.
- Tools & CheatsheetsPractical quick-reference guides for Linux and cloud security administrators.
Resources
About
Contact

Ansible quickstart for secure baselines (idempotent and testable)

August 20, 2025September 9, 2025 by Admin

Outcome: apply your SSHD/PAM/fail2ban defaults across hosts safely, with check/diff runs and a skeleton for tests. 1) Layout baseline/ ├─ inventory.yaml ├─ site.yaml └─ roles/ └─ hardening/ ├─ tasks/main.yaml ├─ templates/sshd_config.j2 └─ files/sudoers_logging 2) Inventory # inventory.yaml all: hosts: web1.example.com: db1.example.com: vars: ansible_user: admin 3) Playbook # site.yaml – hosts: all become: true roles: – … Read more

Automating Linux Patch Management with Ansible

August 20, 2025August 19, 2025 by editor

Why Patching Matters Most breaches exploit known vulnerabilities, often months or years old. WannaCry (2017) succeeded because thousands of systems weren’t patched despite updates being available. Even today, unpatched Apache, Exim, or kernel flaws are exploited within days of disclosure. Manual patching doesn’t scale. Clients need automation. Ansible Patch Management Checklist Inventory Hosts Define Linux … Read more