afmarulanda/wazuh-ansible-4.8.1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Restricting too open xpack and kibana permissions

Browse Source
This commit is contained in:
Zenidd 2020-03-17 12:17:49 +01:00
parent 3ba86f7cd8
commit eff4b38bed
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml
View File

@ -35,7 +35,7 @@
copy: copy:
src: "{{ master_certs_path }}/ca/{{ ca_key_name }}" src: "{{ master_certs_path }}/ca/{{ ca_key_name }}"
dest: "{{ node_certs_source }}/{{ ca_key_name }}" dest: "{{ node_certs_source }}/{{ ca_key_name }}"
mode: '0664' mode: '0440'
when: when:
- not generate_CA - not generate_CA
- node_certs_generator - node_certs_generator
@ -45,7 +45,7 @@
copy: copy:
src: "{{ master_certs_path }}/ca/{{ ca_cert_name }}" src: "{{ master_certs_path }}/ca/{{ ca_cert_name }}"
dest: "{{ node_certs_source }}/{{ ca_cert_name }}" dest: "{{ node_certs_source }}/{{ ca_cert_name }}"
mode: '0664' mode: '0440'
when: when:
- not generate_CA - not generate_CA
- node_certs_generator - node_certs_generator

2
roles/elastic-stack/ansible-kibana/tasks/main.yml
View File

@ -41,7 +41,7 @@
copy: copy:
src: "{{ item }}" src: "{{ item }}"
dest: "{{ node_certs_destination }}/" dest: "{{ node_certs_destination }}/"
mode: '0664' mode: '0444'
with_items: with_items:
- "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.key" - "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.key"
- "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.crt" - "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.crt"