Because Ansible is a flexible and extensible automation tool, you can use multiple strategies to install the Lacework agents. Use the following skeleton Debian and RPM playbooks as building blocks to create more advanced, environment-specific playbooks.
Each playbook consists of two parts:
Installation of the Lacework agent. To ensure the latest package, the playbooks query the Lacework repository. Playbooks can be made to retrieve files locally.
Distribution of a Lacework configuration file - config.json. The config.json file must minimally include an access token, or the Lacework datacollector is not able to communicate with the Lacework application. In the examples below, config.json is located in the /etc/ansible/lacework/ directory of the Ansible server. You must create this file.
RPM Installation
```yaml
- hosts: lacework_servers
  become: yes
  tasks:
    - name: configure the lacework repo
      yum_repository:
        name: packages-lacework-prod
        description: packages-lacework-prod
        baseurl: https://packages.lacework.net/RPMS/x86_64/
        gpgkey: https://packages.lacework.net/keys/RPM-GPG-KEY-lacework
        gpgcheck: yes
        enabled: yes

    - name: install lacework datacollector
      yum:
        name: lacework
        state: latest

    - name: wait until /var/lib/lacework/config/ is created
      wait_for:
        path: /var/lib/lacework/config/

    - name: copy config.json
      copy:
        src: /etc/ansible/lacework/config.json
        dest: /var/lib/lacework/config/config.json
        owner: root
        group: root
        mode: 0644
```
Debian Installation
```yaml
- hosts: lacework_servers
  become: yes
  tasks:
    - name: add apt signing key
      apt_key:
        keyserver: hkp://keyserver.ubuntu.com:80
        id: 18E76630
        state: present

    - name: add lacework repository into source list
      apt_repository:
        repo: "deb [arch=amd64] https://packages.lacework.net/DEB/{{ ansible_distribution | lower }}/{{ ansible_distribution_version }} {{ ansible_distribution_release }} main"
        filename: lacework
        state: present
        update_cache: yes

    - name: install lacework datacollector
      apt:
        name: lacework
        state: latest

    - name: wait until /var/lib/lacework/config/ is created
      wait_for:
        path: /var/lib/lacework/config/

    - name: copy config.json
      copy:
        src: /etc/ansible/lacework/config.json
        dest: /var/lib/lacework/config/config.json
        owner: root
        group: root
        mode: 0644
```
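Because a config.json without a usable access token leaves the datacollector unable to reach Lacework, a pre-flight play on the Ansible server can catch a missing, malformed or tampered file before it is copied to every host. The play below is an added example, not part of the Lacework playbooks. It assumes the token is stored under the key tokens.AccessToken, which this page does not show, and the variable names are hypothetical.

```yaml
# Added example: place this play ahead of the install play in the same file.
# Assumption: config.json stores the token at tokens.AccessToken.
- hosts: localhost
  connection: local
  gather_facts: no
  vars:
    lacework_config_src: /etc/ansible/lacework/config.json  # path used on this page
  tasks:
    - name: stat config.json on the Ansible server
      stat:
        path: "{{ lacework_config_src }}"
      register: lacework_config_stat

    - name: config.json must exist and must not be writable by other users
      assert:
        that:
          - lacework_config_stat.stat.exists
          - lacework_config_stat.stat.isreg
          - not lacework_config_stat.stat.woth
        fail_msg: "{{ lacework_config_src }} is missing, not a regular file, or world-writable"

    - name: parse config.json (fails here if it is not valid JSON)
      set_fact:
        lacework_config: "{{ lookup('file', lacework_config_src) | from_json }}"
      no_log: yes  # keep the access token out of task output and logs

    - name: access token must be present and non-empty
      assert:
        that:
          - lacework_config.tokens is defined
          - lacework_config.tokens.AccessToken is defined
          - lacework_config.tokens.AccessToken is string
          - lacework_config.tokens.AccessToken | trim | length > 0
        fail_msg: "config.json has no usable access token; the datacollector could not reach Lacework"
```

The source file is pushed as root to every host in lacework_servers, so the world-writable check guards the integrity of what gets distributed, not only its presence.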