Eli Taft

Eli Taft

CFEngine Guest Post


I was recently speaking with some of the developers at CFEngine about the approach I took to configure cfengine-community for a client that had some very specific requirements. It had mostly to do with having multiple hubs that serve policies to thousands of servers that aren’t all identical, how to determine the differences between them, and how to only serve promises that are appropriate given a server’s specific requirements. The main issue, for the client, was security. These servers needed to comply to a specific security standard, but the method for securing them changes based on the type of server it is.

Anyway, one of the developers at CFEngine said that they’ve actually gotten a few similar questions to this in the past, and he thought my approach could be helpful for others in the future. He asked if I would write up my proposed solution in a generic way, and they’ve just published it to their website! Glad to help, and grateful for the support that CFEngine provides for their community product. Here’s a link to my article on their website:

Context-specific Security Settings

← Back to home