IT3110 - System Automation

IT3110 @ utahtech

Week 12 Assignment

Scenario: Secure Disk Partitioning and File System Configuration for a Financial Institution

Background: You are a system administrator responsible for managing the infrastructure of a financial institution. Security and data integrity are of utmost importance in this environment, where sensitive financial information is stored and processed. To ensure the confidentiality, integrity, and availability of data, you need to implement secure disk partitioning and file system configuration practices.

Requirements:

  1. Infrastructure Overview:
    • The infrastructure consists of a dedicated server hosting financial applications and databases. (Assume your AWS instance created with Terraform)
    • The server runs a Linux operating system (e.g., Ubuntu) and is equipped with an additional 5 Gig disk for storage. An example terraform config that will show you how to attach a volume can be found here
  2. Disk Partitioning:
    • Partition the new disk to segregate files effectively.
    • Allocate partition sizes as follows:
      • /var/log/audit: 1GB for audit logs (to store audit records securely)
      • /sysadmin: 200MB for sys ad related files
      • /executives: 500MB for the CEO, CFO, CIO to utilize
      • /analysts : 200MB for the analysts to use.
  3. File System Configuration:
    • Configure file systems on each partition with the following specifications:
      • Use ext4 for each partition to ensure compatibility and reliability.
      • Set appropriate parameters for each file system, including block size, inode count, and reserved blocks, to optimize performance and storage utilization.
      • Implement mount options such as noexec, nosuid, and nodev for /analysts to make sure they don’t breeak anything.
  4. Automation with Ansible:
    • Utilize Ansible automation to streamline the disk partitioning and file system configuration process.
    • Define Ansible variables to parameterize partition sizes, file system types, and configuration parameters, allowing for easy customization and scalability.
    • Implement error handling and validation checks within the Ansible playbook to ensure robustness and reliability of the automation workflow.

** Pass off **

You should run the playbook and verify that all works. You will show the output to your instructor.

Your instructor will then ask you to modify something and you should be able to identify what you would change in Ansible to make it happen.