30 days.


You should have the following understanding or knowledge:

  • Basic Linux administration skills
  • Basic Windows administration skills
  • Knowledge and working experience of VMware vSphere® environments

Skills Gained

By the end of the course, you should be able to meet the following objectives:

  • Describe the architecture of SaltStack Config and SaltStack SecOps
  • Integrate SaltStack Config with directory services.
  • Configure roles and permissions for users and groups to manage and use SaltStack SecOps
  • Use targeting to ensure that the jobs run on the correct minion systems
  • Use remote execution modules to install the packages, transfer files, manage services, and manage userson minion systems
  • Manage configuration control on the minion systems with states, pillars, requisites, and declarations
  • Use Jinja and YAML code to manage the minion systems with the state files
  • Enforce the desired state across minion systems automatically
  • Use SaltStack SecOps to update the compliance and vulnerability content libraries
  • Use SaltStack SecOps to enforce compliance and remediation on the infrastructure with industry standards
  • Use SaltStack SecOps to provide automated vulnerability scanning and remediation on your infrastructure

Who Can Benefit?

  • Security administrators who are responsible for using SaltStack SecOps to manage the security operations in their enterprise

Outline for VMware vRealize Automation SaltStack SecOps: Deploy and Manage [V8.6]-On Demand Training


Course Introduction

  • Introductions and course logistics
  • Course objectives

SaltStack Config Architecture

  • Identify the SaltStack Config deployment types
  • Identify the components of SaltStack Config
  • Describe the role of each SaltStack Config component

SaltStack Config Security

  • Describe local user authentication
  • Describe LDAP and Active Directory authentication
  • Describe the roles and permissions in vRealize Automation for SaltStack Config
  • Describe the roles and permissions in SaltStack Config
  • Describe the SecOps permissions in SaltStack Config
  • Describe the advanced permissions available in SaltStack Config

Targeting Minions

  • Describe targeting and its importance
  • Target minions by minion ID
  • Target minions by glob
  • Target minions by regular expressions
  • Target minions by lists
  • Target minions by compound matching
  • Target minions by complex logical matching

Remote Execution and Job Management

  • Describe remote execution and its importance
  • Describe functions and arguments
  • Create and manage jobs
  • Use the Activities dashboard

Configuration Control Through States, Pillars, Requisites, and Declarations

  • Define the SaltStack states
  • Describe file management in SaltStack Config
  • Create the SaltStack state files
  • Identify the components of a SaltStack state
  • Describe pillar data and the uses of pillar data
  • Configure pillar data on the SaltStack Config master server
  • Use pillar data in variables in the state files
  • Describe the difference between IDs and names in the state files
  • Use the correct execution order
  • Use requisites in the state files

Using Jinja and YAML

  • Describe the SaltStack Config renderer system
  • Use YAML in the state files
  • Use Jinja in the state files
  • Use Jinja conditionals, lists, and loops

Using SaltStack SecOps Comply

  • Describe the SaltStack SecOps Comply architecture
  • Describe CIS and DISA STIG benchmarks
  • Describe the SaltStack SecOps Comply security library
  • Describe the remediation differences between SaltStack SecOps and VMware Carbon Black®
  • Create and manage the policies
  • Create and manage the custom checks
  • Run assessments on the minion systems
  • e SaltStack SecOps to remediate the noncompliant systems
  • Manage the SaltStack SecOps Comply configuration options
  • Manage the benchmark content ingestion

Using SaltStack SecOps Protect

  • Describe Common Vulnerabilities and Exposures (CVEs)
  • Use the Protect dashboard
  • Create and manage the policies
  • Update the vulnerability library
  • Run the vulnerability scans
  • Remediate the vulnerabilities
  • Manage the vulnerability exemptions

Product Alignment

  • VMware vRealize® Automation SaltStack® Config 8.6
  • VMware vRealize® Automation SaltStack® SecOps 8.6
  • VMware vRealize® Automation 8.7