rhdp_auto_satellite exercise updates 2025-02-05.01 #2235

Merged
22 changes: 12 additions & 10 deletions exercises/rhdp_auto_satellite/1-compliance/README.md
Expand Up @@ -5,21 +5,21 @@ Automated Satellite Workshop: Configuring and performing an OpenSCAP Scan
<br>![uk](../../../images/uk.png) [English](README.md), ![france](../../../images/fr.png) [Français](README.fr.md).
<br>

In this exercise, we will learn how to configure and perform an OpenSCAP scan using playbooks in Ansible Automation Platform 2 with Satellite.
In this exercise, we will learn how to configure and perform an OpenSCAP scan using playbooks in Ansible Automation Platform with Satellite.

When running multiple Red Hat Enterprise Linux systems, it's important to keep all of these systems compliant with a meaningful security policy and perform security scans often.
When running multiple Red Hat Enterprise Linux systems, it's important to keep all of these systems compliant with a meaningful security policy and performing security scans often.
OpenSCAP is an open source project that defines the language used to express compliance checklists in human and machine readable form (XML).
Government agencies, corporations, and e-commerce organizations, for example, provide their compliance checklists using OpenSCAP.
The OpenSCAP project also develops tools for automated compliance checking.
Red Hat Satellite is configured with openscap integration enabled by default.
This installs openscap ansible modules, roles, and related tools. Satellite is also loaded with the SCAP security guide (SSG)(scap-seruity-guide.noarch).
The SSG contains the checklist files for multiple standards, for multiple operating systems and releases.
These checklists allow for scanning systems to evaluate benchmarks for like CIS, PCI, HIPPA, Justice and DISA-STIG compliance.
Red Hat Satellite is configured with OpenSCAP integration enabled by default.
This installs OpenSCAP ansible modules, roles, and related tools. Satellite is also loaded with the SCAP security guide (SSG)(scap-seruity-guide.noarch).
The SSG contains the checklist files for multiple standards, multiple operating systems and releases.
These checklists allow for scanning systems to evaluate benchmarks such as CIS, PCI, HIPPA, Justice and DISA-STIG compliance.

The SCAP packages are available with every install of RHEL.
You can also install the RPM package for the SCAP workbench (e.g. scap-workbench.x86_64) which provides the ability to load and examine the checklists in a user friendly GUI.
You can also install the RPM package for the SCAP workbench (e.g. scap-workbench.x86_64) which provides the ability to load and examine the checklists in a user-friendly GUI.
You can create a tailoring file for any of the included profiles that allows you to turn on or turn off specific checks to meet the your organization's unique requirements. You can launch and test scans based on your profiles using the tool.
Your tailoring files and the profile can be loaded into Satellite and assigned to groups of systems customize scanning and reporting. Satellite produces reports to meet audit specifications.
Your tailoring files and the profile can be loaded into Satellite and assigned to groups of systems for custom scanning and reporting. Satellite produces reports to meet audit specifications.

This exercise will focus on standard profiles for PCI and DISA STIG for RHEL systems. Tailoring and other operating systems will be out of scope.
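
Review bot: The rewritten second sentence of the intro now reads "to keep all of these systems compliant ... and performing security scans often", which breaks the parallel with "to keep"; the previous "perform" was correct and should be restored. While these lines are being touched, the new text still carries `scap-seruity-guide.noarch` (the package is `scap-security-guide`, and a space is missing before the parenthesis), `HIPPA` should be HIPAA, "ansible modules" should be "Ansible modules", and the unchanged tailoring sentence still says "to meet the your organization's unique requirements".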

Expand Down Expand Up @@ -55,7 +55,9 @@ Exercise

Now we will start configuring a compliance policy that we can use to scan our RHEL nodes.

- In Satellite hover over 'Hosts' from the menu pane on the left side, and then click on 'Policies'
- In the Satellite UI, click on the 'Hosts' dropdown menu pane on the left, then click on the 'Compliance' dropdown, followed by clicking on 'Policies'

![satellite_policy](images/1-compliance-aap2-Satellite_Policies.png)

- Click on the "New Policy" button, and fill out the details as in step 3 below.
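
Review bot: The new navigation bullet quotes UI labels with single quotes ('Hosts', 'Compliance', 'Policies') while the bullet right after it uses double quotes ("New Policy"); pick one style for the exercise. The phrase "click on the 'Hosts' dropdown menu pane on the left" is also hard to parse; something like "In the Satellite UI, expand 'Hosts' in the left menu, then 'Compliance', then click 'Policies'" reads more directly. The screenshot filename keeps `aap2` although this PR drops the "2" from the product name in the intro, so confirm the image shows the Hosts, Compliance, Policies path described here.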

Expand Down Expand Up @@ -271,4 +273,4 @@ This step will expand our OpenSCAP policy scan to add another XCCDF compliance p
#### 9\. End of Exercise

- You have finished Exercise 1.
- Continue to [Exercise 2: Patch Management / OS](../2-patching/README.md), OR [Return to the main workshop page](../README.md)
- Continue to [Exercise 2: Patch Management / OS](../2-patching/README.md), or [Return to the main workshop page](../README.md)
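
Review bot: With "OR" lowercased, the second link text "[Return to the main workshop page]" now starts with a capital letter mid-sentence; either lowercase "return" or split the two links into separate bullets.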
79 changes: 67 additions & 12 deletions exercises/rhdp_auto_satellite/README.md
Expand Up @@ -11,7 +11,8 @@ In this workshop, you will learn how to get the most from Red Hat Satellite in c
- [Presentations](#presentations)
- [Time planning](#time-planning)
- [Lab Diagram](#lab-diagram)
- [Workshop Exercises](#Workshop-Exercises)
- [Your Environment](#your-environment)
- [Workshop Exercises](#workshop-exercises)

## Use Cases
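
Review bot: The new "Your Environment" entry sits at the same list level as "Lab Diagram" and "Workshop Exercises", but the heading it targets is a level-3 heading (`### Your Environment`) nested under `## Lab Diagram`, and the Step 1 to Step 4 headings added below it get no entries at all. Either indent this item under "Lab Diagram" or promote the heading to `##` so the table of contents matches the document structure. The lowercase `#workshop-exercises` anchor is the right fix.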

Expand Down Expand Up @@ -40,20 +41,74 @@ Having said that, the exercises themselves should take roughly 4 to 5 hours. Com
## Lab Diagram
![automated Satellite lab diagram](../../images/ansible_smart_mgmt_diagram.png#centreme)

### Environment
### Your Environment

| Role | Inventory name |
| ------------------------------------| ---------------|
| Automation controller | ansible-1 |
| Satellite Server | satellite |
| Managed Host 1 - RHEL | node1 |
| Managed Host 2 - RHEL | node2 |
| Managed Host 3 - RHEL | node3 |
| Managed Host 4 - CentOS/OracleLinux | node4 |
| Managed Host 5 - CentOS/OracleLinux | node5 |
| Managed Host 6 - CentOS/OracleLinux | node6 |
| Role | Inventory name |
| ---------------------------------------| ---------------|
| Ansible Automation Platform controller | ansible-1 |
| Satellite Server | satellite |
| Managed Host 1 - RHEL | node1 |
| Managed Host 2 - RHEL | node2 |
| Managed Host 3 - RHEL | node3 |
| Managed Host 4 - CentOS/OracleLinux | node4 |
| Managed Host 5 - CentOS/OracleLinux | node5 |
| Managed Host 6 - CentOS/OracleLinux | node6 |

### Step 1 - Access the AAP Web UI

The AAP Web UI is where we will go to submit and check the status of the Ansible playbook jobs we will use to automate Satellite and our managed hosts.

- Let's open the AAP Web UI in a new web browser tab using the "Console" link under "Red Hat Ansible Automation Controller" on the workshop launch page. For example:

![Example link to AAP Web UI](images/aap_link.png)

- Enter the username `admin` and the password provided. This will bring you to your AAP Web UI dashboard like the example below:

![Example AAP Web UI dashboard](images/aap_console_example.png)

- We will learn more about how to use the AAP Web UI in the next exercise.

### Step 2 - Access the Visual Studio Code Web UI

We will use Visual Studio Code (VS Code) as it provides a convenient and intuitive way to use a web browser to edit files and access terminal sessions. If you are a command line hero, direct SSH access is available if VS Code is not to your liking. There is a short YouTube video to explain if you need additional clarity: <a href="https://youtu.be/Y_Gx4ZBfcuk">Ansible Workshops - Accessing your workbench environment</a>.

- You can open VS Code in your web browser using the "Console URL" link under "Visual Studio Code" on the workshop landing page. The password is provided below the link. For example:

![Example link to VS Code WebUI](images/vscode_link.png)

- After opening the link, type in the provided password to access your instance of VS Code.

> **Note**
>
> A welcome wizard may appear to guide you through configuring your VS Code user experience. This is optional as the default settings will work fine for this workshop. Feel free to step though the wizard to explore the VS code bells and whistles or you may just skip it.

### Step 3 - Open a Terminal Session

Terminal sessions provide access to the RHEL commands and utilities that will help us understand what's going on "behind the curtain" when the RHEL in-place upgrade automation is doing its thing.

- Use VS Code to open a terminal session. For example:

![Example of how to open a terminal session in VS Code](images/new_term.svg)

- This terminal session will be running on the AAP control host `ansible-1`. Next, use the `ssh` command to login to one of your RHEL hosts. Finally, use the highlighted commands to confirm the RHEL OS version and kernel version installed.

For example:

![Example ssh login to RHEL host](images/ssh_login.png)

- In the example above, the command `ssh node1` connects us to a new session on the node1 host. Then the commands `cat /etc/redhat-release` and `uname -r` are used to output the OS release information `Red Hat Enterprise Linux Server release 7.9 (Maipo)` and kernel version `3.10.0-1160.102.1.el7.x86_64` from that host.

### Step 4 - Access the Satellite Web UI

The Satellite Web UI is where we will go to review the Lifecycle Environments, Content Views and Activation Keys configured on the Satellite, as well as tracking the status of managed hosts as we proceed through the compliance and patching workflows.

- Let's open the Satellite Web UI in a new web browser tab using the "Console" link under "Red Hat Satellite" on the workshop launch page. For example:

![Example link to Satellite Web UI](images/satellite_link.png)

- Enter the username `admin` and the password provided. This will bring you to your Satellite Web UI dashboard like the example below:

![Example Satellite Web UI dashboard](images/satellite_console_example.png)

## Workshop Exercises
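
Review bot: Step 3 says terminal sessions help "when the RHEL in-place upgrade automation is doing its thing", which looks carried over from a different workshop; this one covers Satellite compliance and patching, so the sentence should name that automation instead. In the same step, the bullet explaining the screenshot hard-codes `Red Hat Enterprise Linux Server release 7.9 (Maipo)` and kernel `3.10.0-1160.102.1.el7.x86_64`, which will drift from what attendees see; say the output will vary by host. Smaller points: Steps 1 and 4 say "workshop launch page" while Step 2 says "workshop landing page"; Step 2 uses a raw `<a href=...>` tag where the rest of the file uses Markdown links; the note has "step though the wizard" and "VS code"; and "use the `ssh` command to login" should be "log in".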

Expand Down
Binary file added exercises/rhdp_auto_satellite/images/aap_link.png