Creating an auditd rule to monitor Ansible Automation Platform static secrets (opens in new tab)

Ansible Automation Platform (AAP) comes with an elaborate credential management solution. All credentials within AAP are stored encrypted in a PostgreSQL database. But the keys used for encrypting database fields are currently stored on the machine(s) running AAP. In this blog post, we show we created an auditd rule to get at least some kind of monitoring if those keys are accessed. Ansible Automation Platform local SECRET_KEY AAP comes with a . Credentials are used to access remote machines ...