Chapter 28. Setting up Red Hat Insights for Red Hat Ansible Automation Platform Remediations
Automation controller supports integration with Red Hat Insights.
When a host is registered with Red Hat Insights, it is scanned continually for vulnerabilities and known configuration conflicts. Each problem identified can have an associated fix in the form of an Ansible Playbook.
Red Hat Insights users create a maintenance plan to group the fixes and can create a playbook to mitigate the problems. Automation controller tracks the maintenance plan playbooks through a Red Hat Insights project.
Authentication to Red Hat Insights through Basic Authorization is backed by a special credential, which must first be established in automation controller. To run a Red Hat Insights maintenance plan, you need a Red Hat Insights project and inventory.
28.1. Creating Red Hat Insights credentials
Use the following procedure to create a new credential for use with Red Hat Insights:
Procedure
-
From the navigation panel, select
. - Click .
Enter the appropriate details in the following fields:
- Name: Enter the name of the credential.
- Optional: Description: Enter a description for the credential.
- Optional: Organization: Enter the name of the organization with which the credential is associated, or click the search icon and select it from the Select organization window.
Credential type: Enter Insights or select it from the list.
- Username: Enter a valid Red Hat Insights credential.
- Password: Enter a valid Red Hat Insights credential. The Red Hat Insights credentials are the user’s Red Hat Customer Portal account username and password.
- Click .
28.2. Creating a Red Hat Insights project
Use the following steps to create a new project for use with Red Hat Insights:
Procedure
-
From the navigation panel, select
. - Click .
Enter the appropriate details in the following fields. Note that the following fields require specific Red Hat Insights related entries:
- Name: Enter the name for your Red Hat Insights project.
- Optional: Description: Enter a description for the project.
- Organization: Enter the name of the organization with which the credential is associated, or click the search icon and select it from the Select organization window.
- Optional: Execution environment: The execution environment that is used for jobs that use this project.
- Source control type: Select Red Hat Insights.
- Optional: Content signature validation credential: Enable content signing to verify that the content has remained secure when a project is synced.
- Insights credential: This is pre-populated with the Red Hat Insights credential you created before. If not, enter the credential, or click the search icon and select it from the Select Insights Credential window.
Select the update options for this project from the Options field and provide any additional values, if applicable. For more information about each option click the tooltip icon next to each one.
- Click .
All SCM and project synchronizations occur automatically the first time you save a new project. If you want them to be updated to what is current in Red Hat Insights, manually update the SCM-based project by clicking the update icon under the project’s available actions.
This process syncs your Red Hat Insights project with your Red Hat Insights account solution. Note that the status dot beside the name of the project updates once the sync has run.
28.3. Create an Insights inventory
The Insights playbook contains a hosts:
line where the value is the host name supplied to red Hat insights, which can be different from the host name supplied to automation controller
To create a new inventory to use with Red Hat Insights, see Creating Insights credentials.
28.4. Remediating a Red Hat Insights inventory
Remediation of a Red Hat Insights inventory enables automation controller to run Red Hat Insights playbooks with a single click. You can do this by creating a job template to run the Red Hat Insights remediation.
Procedure
-
From the navigation menu, select
. - On the Templates list view, click and select from the list.
Enter the appropriate details in the following fields. Note that the following fields require specific Red Hat Insights related entries:
- Name: Enter the name of your Maintenance Plan.
- Optional: Description: Enter a description for the job template.
- Job Type: If not already populated, select Run from the job type list.
- Inventory: Select the Red Hat Insights inventory that you previously created.
- Project: Select the Red Hat Insights project that you previously created.
- Optional: Execution Environment: The container image to be used for execution.
- Playbook: Select a playbook associated with the Maintenance Plan that you want to run from the playbook list.
- Optional: Credentials: Enter the credential to use for this project or click the search ( ) icon and select it from the pop-up window. The credential does not have to be a Red Hat Insights credential.
Verbosity: Keep the default setting, or select the desired verbosity from the list.
- Click .
- Click the launch icon to launch the job template.
When complete, the job results in the Job Details page.