Why Ansible for this setup?
Ansible is made for security automation and hardening. It uses YAML syntax, which helps us to codify our entire process of repeated tasks. By using this, we can automate the process of continuous delivery and deployment of infrastructure using roles and playbooks.
The modular approach enables us to perform tasks very simply. For example, the operations teams can write a playbook to set up a WordPress site and the security team can create another role which can harden the WordPress site.
It is very easy to use the modules for repeatability, and the output is idempotent, which means creating standards for the servers, applications, and infrastructure. Some use cases include creating base images for organizations using internal policy standards.
Ansible uses SSH protocol, which is by default secured with encrypted transmission and host encryption. Also, there are no dependency issues while dealing with different types of operating systems. It uses Python to perform; this can be easily extended, based on our use case.