From e5527025860846f2298b7eef76cac23a0d8cface Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thomas=20Sj=C3=B6gren?=
 <konstruktoid@users.noreply.github.com>
Date: Wed, 29 May 2024 22:19:57 +0000
Subject: [PATCH] readd automated security updates
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
---
 src/automated-security-updates.yml | 9 +++++++++
 src/base.yml                       | 3 +++
 src/playbook.yml                   | 3 +++
 src/requirements.yml               | 2 ++
 4 files changed, 17 insertions(+)
 create mode 100644 src/automated-security-updates.yml

diff --git a/src/automated-security-updates.yml b/src/automated-security-updates.yml
new file mode 100644
index 0000000..d3a8212
--- /dev/null
+++ b/src/automated-security-updates.yml
@@ -0,0 +1,9 @@
+---
+- name: Configure for automated security updates
+  hosts: all
+  become: true
+  become_method: ansible.builtin.sudo
+  tasks:
+    - name: Set up automated security updates
+      ansible.builtin.include_role:
+        name: automated_security_updates
diff --git a/src/base.yml b/src/base.yml
index c8244c8..4208c31 100644
--- a/src/base.yml
+++ b/src/base.yml
@@ -4,6 +4,9 @@
   become: true
   become_method: ansible.builtin.sudo
   tasks:
+    - name: Install and configure automated security updates
+      ansible.builtin.include_role:
+        name: automated_security_updates
     - name: Install and configure login banner
       ansible.builtin.include_role:
         name: banner
diff --git a/src/playbook.yml b/src/playbook.yml
index 3997e31..0cd4991 100644
--- a/src/playbook.yml
+++ b/src/playbook.yml
@@ -2,6 +2,9 @@
 - name: Import base image playbook
   ansible.builtin.import_playbook: base.yml
 
+- name: Import automated security updates playbook
+  ansible.builtin.import_playbook: automated-security-updates.yml
+
 - name: Import UFW playbook
   ansible.builtin.import_playbook: ufw.yml
 
diff --git a/src/requirements.yml b/src/requirements.yml
index 6c6c316..16a0257 100644
--- a/src/requirements.yml
+++ b/src/requirements.yml
@@ -4,6 +4,8 @@ collections:
 roles:
   - name: amazon_ssm_agent
     src: https://github.com/cisagov/ansible-role-amazon-ssm-agent
+  - name: automated_security_updates
+    src: https://github.com/cisagov/ansible-role-automated-security-updates
   - name: banner
     src: https://github.com/cisagov/ansible-role-banner
   - name: cdm_nessus_agent