Today we’re excited to announce Puppet Enterprise 1.2 with two great new features that give you the intelligence you need to prove you’re in compliance with your change management processes.
With Puppet Enterprise Compliance you set a desired-state for each of your systems and monitor them for any changes, right from our web-based Dashboard, creating a baseline. You'll be alerted to changes on monitored nodes and you choose to accept or reject each change. Accepted changes will become part of the baseline, and rejected changes will still show up in Dashboard until you manually update the node to your desired state. This helps you create a maintenance to do list, ensuring nothing slips through the cracks.
There are lots of different times this type of monitoring and insight is important. If you have a tremendous amount of change in your environment Puppet Enterprise Compliance monitors priority resources, giving you the agility to act immediately on unapproved changes. Compliance also allows you to track spent time and resources on unmanaged resources that go through periodic, high-volume change, indicating when these troublesome resources are ready for Puppet’s continuous automated management.
With Puppet Enterprise Compliance you can:
- Confirm changes are in compliance with change management policies
- Identify unauthorized or unexpected change
- Improve visibility and enforce accountability across the enterprise
- Reduce unplanned downtime and improve mean time to repair
- Gather data to track IT resources and costs
- Monitor systems under consideration for Puppet automated management
And with Puppet you're not limited to auditing just content and metadata of files, like other monitoring software. Using built-in Puppet resource types you can also audit user accounts, packages, services, cron jobs, or anything else that Puppet manages. You can even write plug-ins to monitor your custom resources.
Also with this Puppet Enterprise 1.2 release, we’ve solved another compliance headache when it comes to managing user accounts. Puppet Enterprise now has the built-in capability to support best practices for user account management and ensure compliance with internal policies. With Puppet you can assess and make changes on all of your machines with one command, without the availability risks you find in central directory software. Puppet even manages SSH keys for password-less access, using public and private keys instead of insecure passwords. And Puppet records all account changes, creating an auditable trail and ensuring internal change management policies are followed.
Puppet Enterprise user account management now makes it easier to:
- Perform required periodic password changes
- Provision a new user
- Grant user access
- Revoke user access
- Remove a user from the database
- Grant limited access to a user, as in giving someone permission to reboot a web server but not permission shut down the machine