Use fully qualified connection names (FQCNs) for task names

Author: jsf9k

src/playbook.yml

@@ -1,18 +1,18 @@
 ---
 - name: Import base image playbook
-  import_playbook: base.yml
+  ansible.builtin.import_playbook: base.yml
 
 - name: Import UFW playbook
-  import_playbook: ufw.yml
+  ansible.builtin.import_playbook: ufw.yml
 
 - name: Import OpenVPN playbook
-  import_playbook: openvpn.yml
+  ansible.builtin.import_playbook: openvpn.yml
 
 - name: Import VENOM playbook
-  import_playbook: venom.yml
+  ansible.builtin.import_playbook: venom.yml
 
 - name: Import AWS playbook
-  import_playbook: aws.yml
+  ansible.builtin.import_playbook: aws.yml
 
 - name: Import hardening playbook
-  import_playbook: harden.yml
+  ansible.builtin.import_playbook: harden.yml

src/ufw.yml

@@ -31,7 +31,7 @@
     - name: Configure default policies
       block:
         - name: Set all default policies to deny
-          ufw:
+          community.general.ufw:
             default: deny
             direction: "{{ item }}"
           loop:
@@ -43,7 +43,7 @@
         # The OpenVPN port is already opened in
         # cisagov/ansible-role-openvpn
         - name: Allow ssh only from lo
-          ufw:
+          community.general.ufw:
             comment: Allow ssh only from lo
             direction: in
             interface: lo
@@ -53,15 +53,15 @@
     - name: Configure outgoing traffic
       block:
         - name: Allow various outgoing traffic
-          ufw:
+          community.general.ufw:
             comment: Allow {{ item.port }} via {{ item.proto | upper }}
             direction: out
             proto: "{{ item.proto }}"
             rule: allow
             to_port: "{{ item.port }}"
           loop: "{{ outgoing_only_ports }}"
         - name: Allow outgoing NTP traffic to AWS
-          ufw:
+          community.general.ufw:
             comment: Allow NTP via UDP to AWS
             direction: out
             proto: udp
@@ -70,7 +70,7 @@
             to_ip: 169.254.169.123
             to_port: ntp
         - name: Allow outgoing DHCP traffic
-          ufw:
+          community.general.ufw:
             comment: Allow outgoing DHCP via UDP
             direction: out
             from_port: bootpc
@@ -85,15 +85,15 @@
         # of the law, not the intent.  Next thing you know I'll be
         # chasing ambulances.  :(
         - name: Allow routed packets from anywhere to anywhere
-          ufw:
+          community.general.ufw:
             comment: Allow routed packets from anywhere to anywhere
             route: yes
             rule: allow
     - name: Configure loopback traffic
       # CIS hardening demands these changes.
       block:
         - name: Allow any traffic in or out from lo
-          ufw:
+          community.general.ufw:
             comment: Allow any traffic in or out from lo
             direction: "{{ item }}"
             interface: lo
@@ -102,7 +102,7 @@
             - in
             - out
         - name: Deny any traffic in from 127.0.0.0/8 or ::1
-          ufw:
+          community.general.ufw:
             comment: Deny any traffic in from 127.0.0.0/8 or ::1
             direction: in
             from_ip: "{{ item }}"

src/venom.yml

@@ -32,7 +32,7 @@
         third_party_bucket_name: "{{ build_bucket }}"
   tasks:
     - name: Configure UFW for VENOM traffic
-      ufw:
+      community.general.ufw:
         comment: >
           Allow {{ item.port }} {{ item.direction }} via
           {{ item.proto | upper }}