Skip to content

Latest commit

 

History

History
351 lines (201 loc) · 10 KB

REFERENCE.md

File metadata and controls

351 lines (201 loc) · 10 KB
Raw

Reference

Table of Contents

Classes

Defined types

Classes

acsc_e8_office_hardening

A module which enforces https://github.com/benjamin-robertson/acsc_e8_office_hardening/blob/main/PROTECT%20-%20Microsoft%20Office%20Macro%20Security%20(October%202021).pdf

lint:ignore:140chars

Examples

include acsc_e8_office_hardening

Parameters

The following parameters are available in the acsc_e8_office_hardening class:

disable_flash_content

Data type: Boolean

Disable flash content. Default: false

Default value: false

disable_macros

Data type: Boolean

Disable macros, Default: true

Default value: true

set_ntuser_interval

Data type: Integer

Set the interval to set the default ntuser macro settings in hours. Default: 1

Default value: 24

macro_setting

Data type: Enum['all_macros_disabled','macros_from_trusted_locations','signed_macros_only','clear_macro_settings']

Macro settings to enforce, for details see ACSC publication. Default: clear_macro_settings

Default value: 'clear_macro_settings'

trusted_locations

Data type: Variant[Undef,Hash[String,Hash,1,20]]

Set trusted location. See example in readme. Default: undef

Default value: undef

acsc_e8_office_hardening::clear_unused_registry_values

Clear unused registry values when switching between office macro modes

Examples

class { 'acsc_e8_office_hardening::clear_unused_registry_values':
  system_setting     => $facts['office_macro_last_run'],
  configured_setting => $macro_setting,
}

Parameters

The following parameters are available in the acsc_e8_office_hardening::clear_unused_registry_values class:

system_setting

Data type: String

Current system macro setting

configured_setting

Data type: String

Configured system macro setting

acsc_e8_office_hardening::disable_flash

Disables flash within office

Examples

include acsc_e8_office_hardening::disable_flash

Parameters

The following parameters are available in the acsc_e8_office_hardening::disable_flash class:

reg_values

Data type: Hash

registry values to set

acsc_e8_office_hardening::macros

Configured office macro settings for office. Private class

Examples

include acsc_e8_office_hardening::macros

Parameters

The following parameters are available in the acsc_e8_office_hardening::macros class:

macro_setting

Data type: String

set office macro setting

Default value: 'clear_macro_settings'

acsc_e8_office_hardening::mount_default_user_hive

Mounts the default user ntuser.dat file located under c:\user\default\ntuser.dat Mounts under HKU\user_default Private class

Examples

include acsc_e8_office_hardening::mount_default_user_hive

acsc_e8_office_hardening::trusted_locations

Creates trusted locations for office Private class

Examples

include acsc_e8_office_hardening::trusted_locations

Parameters

The following parameters are available in the acsc_e8_office_hardening::trusted_locations class:

trusted_locations

Data type: Hash

Hash of trusted locations. See readme for example

acsc_e8_office_hardening::unmount_default_user_hive

Mounts the default user ntuser.dat file located under c:\user\default\ntuser.dat Mounts under HKU\user_default Private class

Examples

include acsc_e8_office_hardening::unmount_default_user_hive

Defined types

acsc_e8_office_hardening::delete_trusted_location

Delete trusted location if unmanaged by Pupppet We handle up to 20 custom locations

Examples

acsc_e8_office_hardening::delete_trusted_location { "location${delelete_index}":}

acsc_e8_office_hardening::delete_user_registry_value

Defined type which deletes registry value for each HKEY_CURRENT_USER on a machine.

Examples

acsc_e8_office_hardening::user_registry_value { 'key_name': }

Parameters

The following parameters are available in the acsc_e8_office_hardening::delete_user_registry_value defined type:

key_name

Data type: String

key name to delete

acsc_e8_office_hardening::set_trusted_location

Creates trusted location for office files. This must be used in conjuntion with the macros_from_trusted_locations option. Otherwise it will have affect.

Examples

acsc_e8_office_hardening::set_trusted_location { 'namevar': }

Parameters

The following parameters are available in the acsc_e8_office_hardening::set_trusted_location defined type:

path

Data type: String

File path to permit

date

Data type: Optional[Variant[String,Undef]]

Date set. Default: undef

Default value: undef

description

Data type: Optional[Variant[String,Undef]]

Description of path. Default: undef

Default value: undef

allowsub

Data type: Boolean

Permit sub directory under that path. Default: false

Default value: false

acsc_e8_office_hardening::user_registry_value

Defined type which sets registry value for each HKEY_CURRENT_USER on a machine.

Examples

acsc_e8_office_hardening::user_registry_value { 'namevar': }

Parameters

The following parameters are available in the acsc_e8_office_hardening::user_registry_value defined type:

key_name

Data type: String

key name

key_details

Data type: Hash

Key details, hash containing value, type and data for registry value