Turbot Guardrails now includes support for enterprise guardrails for Linux, including security hardening and user management.
Ubuntu 14.04 and Red Hat Enterprise Linux are both supported, with security hardening based on the Center for Internet Security Benchmarks.
Here is how it works:
Users create SSH keys in the Turbot Guardrails console, which will be used for all their Linux access.
Users are given login access to Linux by adding them to the Linux/{User,Operator,Admin} roles in the account.
Linux servers are started using the standard EC2 console and the standard Linux images provided by AWS, Ubuntu or Red Hat. The user associates the Linux instance with the "turbot" key pair which is automatically created and available.
Turbot Guardrails detects the instance and starts automatically enforcing security rules and user access. This is performed through specialized Ansible playbooks that implement configuration and security hardening of the instance.
We're incredibly excited about this new capability and look forward to your feedback and suggestions for improvements!