Ansible-Specific Security
Detects Ansible-specific secret exposure: hardcoded connection credentials (become_pass, ssh_pass, winrm_password), vault password files, SNMP community strings, Terraform state access, kubeconfig manipulation, and CI/CD token leakage.
30 rules in ansible_specific.yml
CRITICAL: 13 | HIGH: 16 | MEDIUM: 1
| Rule ID | Severity | Title | Description | Refs |
|---|---|---|---|---|
ansible_ | CRITICAL | ansible_become_pass in Playbook | Hardcodes the sudo/become password in the playbook, exposing it in version control | |
ansible_ | CRITICAL | Ansible Connection Password Exposed | Hardcodes connection-level passwords in inventory or playbook variables | |
ansible_ | CRITICAL | ansible_ssh_pass in Playbook | Hardcodes the SSH password in the playbook instead of using key-based auth | |
ansible_ | CRITICAL | WinRM Password in Playbook | Hardcodes ansible_winrm_password (or ansible_winrm_cert_key_pem) for Windows hosts in plaintext. WinRM credentials should live in ansible-vault or a secret manager, never in inventory or vars. | |
awx_ | CRITICAL | AWX/AAP OAuth Token Hardcoded | An AWX/AAP OAuth2 personal access token (oauth_token / tower_oauthtoken) is committed as a plaintext literal rather than resolved from Vault or an environment lookup. | |
awx_ | CRITICAL | AWX/AAP Survey Password Field With Literal Default | A Survey Spec declares a password-type question but supplies a plaintext literal as its default, leaking the value into the Job Template export, audit log, and anyone with read access to the Survey. | |
cicd_ | CRITICAL | CI/CD Token Logged or Echoed | Echoes or prints a CI/CD token (CI_JOB_TOKEN, GITHUB_TOKEN, ACTIONS_RUNTIME_TOKEN, etc.) inside a shell task. The token is captured in the build log and visible to anyone with log access. | |
cicd_ | CRITICAL | CI/CD Pipeline Token Exposed | References CI/CD pipeline tokens which could be used to compromise the build system | |
docker_ | CRITICAL | Docker / Podman / containerd Socket Mounted Into a Container | A community.docker.docker_container, containers.podman.podman_container, or raw docker run / podman run task bind-mounts /var/run/docker.sock, /run/docker.sock, /var/run/containerd/containerd.sock, /run/containerd/containerd.sock, /var/run/crio/crio.sock, or /run/podman/podman.sock into the container. Any process inside that container can then create new privileged containers, mount host paths, and escape to root on the host - the canonical ‘docker.sock = root’ escape documented by every container-escape CTF and actively abused by Kinsing, TeamTNT, and Docker-Hub cryptomining campaigns. | |
podman_ | CRITICAL | Podman Container Run With –privileged or Equivalent Cap-Add | A containers.podman.podman_container task sets privileged: true, or a raw podman run / podman create includes --privileged, --cap-add=SYS_ADMIN (or ALL), or --security-opt label=disable together with --security-opt seccomp=unconfined. Podman was adopted by RHEL as the rootless alternative to Docker specifically to contain this blast radius - --privileged re-enables every capability plus device pass-through, negating rootless mode entirely. | |
powershell_ | CRITICAL | PowerShell Download Cradle | Uses PowerShell to download and execute code from a remote URL (living off the land) | |
terraform_ | CRITICAL | Terraform State File Access | Accesses terraform.tfstate which contains all resource attributes including secrets | |
windows_ | CRITICAL | Windows Registry Persistence | Modifies Windows registry Run/RunOnce keys to establish persistence across reboots | |
awx_ | HIGH | AWX/AAP Controller Credentials Hardcoded | awx.awx.* modules configured with a plaintext controller_password / tower_password, or a controller_host pointing at a preview/staging instance with a committed admin credential. | |
awx_ | HIGH | AWX/AAP Credential Object With Inline Secret | awx.awx.credential created with inputs.password / inputs.ssh_key_data containing a plaintext literal. The credential object is meant to protect the value but an inline literal defeats that and exposes it in source control. | |
awx_ | HIGH | AWX/AAP Execution Environment Configured Privileged | awx.awx.execution_environment or the Controller API configures an EE with –privileged, –network=host, or a hostPath mount, giving the automation container kernel-level access to the controller node. | |
awx_ | HIGH | AWX/AAP Inventory Source Pulls From Untrusted SCM | awx.awx.inventory_source configured with source=scm pointing at an unauthenticated HTTP URL, a raw gist, or a wildcard branch reference - an attacker who takes over the source controls inventory (and therefore which hosts run what). | |
awx_ | HIGH | AWX/AAP Job Launch Accepts User-Supplied extra_vars | awx.awx.job_launch / tower_job_launch called with extra_vars that appear to come from an untrusted source (survey, webhook, API). If the corresponding Job Template has ask_variables_on_launch=true without a Survey Spec restricting allowed keys, attackers can inject variables that override playbook defaults or pass dangerous values to tasks. | |
awx_ | HIGH | AWX/AAP Notification Template With Embedded Token | awx.awx.notification_template with a Slack/Teams/PagerDuty webhook URL that embeds a bot token or signing secret in the URL - leaks the credential to anyone with read on the notification configuration. | |
awx_ | HIGH | AWX/AAP Webhook Signing Secret Hardcoded | A Job Template webhook_credential / webhook_key is committed as a literal. Anyone with read access can forge signed webhook events and launch jobs. | |
buildah_ | HIGH | Buildah Unshare / Build Running as Root | A task invokes buildah unshare, buildah bud, or buildah build from within a playbook running as root (implied by become: true at task level and no explicit --isolation=rootless). Running Buildah as root defeats its primary security guarantee - it uses the host’s user and mount namespaces directly, which means a malicious Containerfile RUN step can escape to the host filesystem via a symlink race or crafted /etc write. | |
elasticsearch_ | HIGH | Unauthenticated Elasticsearch Access | Accesses Elasticsearch API without authentication, exposing data to unauthorized reads | |
kubeconfig_ | HIGH | Kubeconfig File Exfiltration or Distribution | A task EXFILTRATES a kubeconfig file (via ansible.builtin.slurp / ansible.builtin.fetch - read the controller’s or remote’s ~/.kube/config back to the playbook) OR DISTRIBUTES one (via ansible.builtin.copy / ansible.builtin.template with src: pointing at a kubeconfig). Both shapes leak cluster-admin-equivalent credentials. Merely setting KUBECONFIG=/path/to/config as an environment variable for a local kubectl call is NOT flagged - that’s the normal operator pattern. The real risk is the credentials LEAVING their trust boundary. | |
mongodb_ | HIGH | Unauthenticated MongoDB Access | Connects to MongoDB without –password or –authenticationDatabase. Unauthenticated MongoDB access is the shape exploited by the historical ‘MongoDB ransom’ campaigns. | |
powershell_ | HIGH | PowerShell Invoke-Expression Usage | Uses Invoke-Expression (IEX) to execute dynamically constructed commands | |
redis_ | HIGH | Unauthenticated Redis Access | Connects to Redis without authentication, which defaults to no password | |
snmp_ | HIGH | SNMP Community String Exposed | Hardcodes SNMP community strings which grant read/write access to network devices | |
terraform_ | HIGH | Ansible Invokes terraform apply -auto-approve | A task runs terraform apply -auto-approve (or the community.general.terraform: state: present module with force_init: true and no plan-then-apply sequence). This bypasses the human review step that Terraform’s two-phase plan/apply was designed for - destructive changes (destroy/recreate of a database, security-group rewrite, IAM-role deletion) happen at playbook speed with no diff shown to an operator. | |
vault_ | HIGH | Vault Password File Referenced | References a vault password file, which may contain plaintext master secret | |
awx_ | MEDIUM | AWX/AAP Job Template With ask_credential_on_launch | A Job Template that allows ask_credential_on_launch=true together with become_enabled=true lets launchers substitute their own credential at run time - useful for ad-hoc ops but dangerous for privileged automation because it removes the deterministic credential/audit trail. |