Jonathan Davila

Author Archives: Jonathan Davila

Compliance and Automation Using Ansible

Compliance is a big deal in many industries, from e-commerce and PCI, to healthcare and HIPAA, to federal government and FedRAMP. At the core, compliance is all about making sure that IT systems are secure. The controls for the various industries will inevitably have some overlap; there are fundamental security controls that (should) apply to all IT systems. However, as technology advances, even the fundamental controls need to be refreshed in order to address the ever increasing advancements in security threats. 

When the need comes for your IT environment to be both compliant and automated, Ansible makes the most sense.

Why? For simple but very powerful reasons; readability, encryption, architecture and transport.

Architecture:
For starters, Ansible requires the smallest architecture. In it’s simplest form, none whatsoever, just its installation on your laptop (presuming linux or OSX). Even in our enterprise offering it is a single server. With Ansible there is no notion of Masters, Slaves, Masters of Masters, etc.

Secondly, you don’t/shouldn’t need to change anything. If you run a linux shop, SSH over port 22 is probably already in place for all servers and if you’ve been doing any sort of Windows automation, you likely already have remote Continue reading