Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-256904 | APAS-AT-000044 | SV-256904r902282_rule | Medium |
Description |
---|
Any changes to the components of Automation Controller can have significant effects on the overall security of the system. In order to ensure a prompt response to failed application installations and application server upgrades, Automation Controller must provide an automated rollback capability that allows Automation Controller to be restored to a previous known good configuration state prior to the application installation or application server upgrade. |
STIG | Date |
---|---|
Red Hat Ansible Automation Controller Application Server Security Technical Implementation Guide | 2023-08-29 |
Check Text ( C-60579r902280_chk ) |
---|
The administrator must make a backup of the last known good configuration of the Automation Controller on each host. Locate the installer bundle directory that contains the inventory file used to install Ansible Automation Platform. Verify a backup of the last known good configuration has been made and stored in accordance with the Automation Controller Documentation and organizationally defined policy: https://docs.ansible.com/automation-controller/latest/html/administration/backup_restore.html If no such backup has been made, this is a finding. |
Fix Text (F-60521r902281_fix) |
---|
As System Administrator login to the Controller. Locate the installer bundle directory that contains the inventory file used to install Ansible Automation Platform. From there, run the setup.sh command with the "-b" option to perform a backup. Example: "[[installation directory]]/setup.sh -b" Note: To revert from a backup, refer to: https://docs.ansible.com/automation-controller/latest/html/administration/backup_restore.html |