Remove cdb related tasks and config

roles/wazuh/ansible-wazuh-manager/handlers/main.yml

@@ -1,7 +1,4 @@
 ---
-- name: rebuild cdb_lists
-  command: /var/ossec/bin/ossec-makelists
-
 - name: restart wazuh-manager
   service:
     name: wazuh-manager

roles/wazuh/ansible-wazuh-manager/tasks/main.yml

@@ -198,11 +198,6 @@
   tags:
     - config
 
-- name: Retrieving CDB lists
-  include_vars: cdb_lists.yml
-  tags:
-    - config
-
 - name: Check if syslog output is enabled
   set_fact: syslog_output=true
   when: item.server is not none
@@ -334,27 +329,6 @@
   tags:
     - config
 
-- name: CDB Lists
-  template:
-    src: cdb_lists.j2
-    dest: "/var/ossec/etc/lists/{{ item.name }}"
-    owner: root
-    group: ossec
-    mode: 0640
-  no_log: true
-  register: wazuh_manager_cdb_lists
-  until: wazuh_manager_cdb_lists is succeeded
-  notify:
-    - rebuild cdb_lists
-    - restart wazuh-manager
-  with_items:
-    - "{{ cdb_lists }}"
-  when:
-    - cdb_lists is defined
-    - cdb_lists is iterable
-  tags:
-    - config
-
 - name: Ensure Wazuh Manager, wazuh API service is started and enabled
   service:
     name: "{{ item }}"

roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2

@@ -360,8 +360,9 @@
   <rule_exclude>{{ rule }}</rule_exclude>
   {% endfor %}
   {% endif %}
+  {% if cdb_lists is defined %}
   {% for list in cdb_lists %}
-  <list>etc/lists/{{ list.name }}</list>
+  <list>etc/lists/{{ list }}</list>
   {% endfor %}
   {% endif %}
 

roles/wazuh/ansible-wazuh-manager/vars/cdb_lists.yml

@@ -1,87 +1,5 @@
 ---
 cdb_lists:
-  - name: 'audit-keys'
-    content: |
-      audit-wazuh-w:write
-      audit-wazuh-r:read
-      audit-wazuh-a:attribute
-      audit-wazuh-x:execute
-      audit-wazuh-c:command
-  - name: 'aws-source'
-    content: |
-      ec2.amazonaws.com:
-      elasticloadbalancing.amazonaws.com:
-      iam.amazonaws.com:
-      signin.amazonaws.com:
-      kms.amazonaws.com:
-      s3.amazonaws.com:
-  - name: 'aws-eventnames'
-    content: |
-      AddUserToGroup:
-      AllocateAddress:
-      AssociateAddress:
-      AssociateDhcpOptions:
-      AssociateRouteTable:
-      AttachGroupPolicy:
-      AttachNetworkInterface:
-      AttachRolePolicy:
-      AttachUserPolicy:
-      AttachVolume:
-      AuthorizeSecurityGroupIngress:
-      ConsoleLogin:
-      CopySnapshot:
-      CreateAccountAlias:
-      CreateGroup:
-      CreateImage:
-      CreateLoadBalancer:
-      CreatePlacementGroup:
-      CreatePolicy:
-      CreateRole:
-      CreateRouteTable:
-      CreateSecurityGroup:
-      CreateSnapshot:
-      CreateSubnet:
-      CreateTags:
-      CreateUser:
-      CreateVolume:
-      CreateVpc:
-      DeleteAccountAlias:
-      DeleteLoadBalancer:
-      DeletePlacementGroup:
-      DeleteSecurityGroup:
-      DeleteSnapshot:
-      DeleteTags:
-      DeleteUser:
-      DeleteVolume:
-      DeregisterImage:
-      DetachGroupPolicy:
-      DetachNetworkInterface:
-      DetachRolePolicy:
-      DetachVolume:
-      DisableKey:
-      DisassociateAddress:
-      DisassociateAddress:
-      DisassociateRouteTable:
-      GetGroup:
-      ListAliases:
-      ListGroups:
-      ListUsers:
-      ModifyImageAttribute:
-      ModifyInstanceAttribute:
-      ModifyNetworkInterfaceAttribute:
-      ModifySnapshotAttribute:
-      ModifySubnetAttribute:
-      ModifyVolumeAttribute:
-      MonitorInstances:
-      RebootInstances:
-      RegisterImage:
-      RemoveUserFromGroup:
-      RevokeSecurityGroupIngress:
-      RunInstances:
-      StartInstances:
-      StopInstances:
-      TerminateInstances:
-      UnmonitorInstances:
-      UpdateAccessKey:
-      UpdateAccountPasswordPolicy:
-      UpdateInstanceAlias:
+  - 'audit-keys'
+  - 'security-eventchannel'
+  - 'amazon/aws-eventnames'