Preface

Using Puppet is currently one of the hottest trends right now in the IT industry. As the industry moves away from manual provisioning towards automation, the usage of Puppet and its associated tools will only continue to grow.

With the rise of automation, and the repetitive tasks that security often entails, it makes perfect sense for Puppet to be a strong security tool. With proper configuration, Puppet can assist in securing your servers, showing compliance with various standards, and generally easing the workload of security-related personnel.

This book is a practical introduction to Puppet for security professionals. It will guide you into the world of automation, showing you how to make repetitive tasks a breeze. With the knowledge learned here, you can begin the process of bringing your system configurations into code, where they can be audited and treated much like you would treat a code base.

Starting with the beginning, and assuming that you only have the knowledge of Linux operating systems, we will explore the basics of Puppet. From there on, we will cover examples and concepts of increasing complexity and skill until you are ready to start on your own. In doing this, we will cover using the Puppet code for auditing, as well as using reports and other data to show compliance. We'll explore centralized logging, and learn how you can use Puppet to make your SELinux tasks easier.