From 39efaecdd25a1fd9a0415c2338d916e9197037a4 Mon Sep 17 00:00:00 2001
From: Mark Bolwell <mark.bollyuk@gmail.com>
Date: Thu, 20 Feb 2025 17:09:21 +0000
Subject: [PATCH] Added updated for 5.1.1 to ignore ec2 based ssh config perms
 change

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
---
 tasks/section_5/cis_5.1.x.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tasks/section_5/cis_5.1.x.yml b/tasks/section_5/cis_5.1.x.yml
index 5550e18..7261726 100644
--- a/tasks/section_5/cis_5.1.x.yml
+++ b/tasks/section_5/cis_5.1.x.yml
@@ -26,6 +26,7 @@
       register: discovered_sshd_confs
 
     - name: "5.1.1 | PATCH | Ensure permissions on /etc/ssh/sshd_config are configured"
+      when: (item.path != "'/etc/ssh/sshd_config.d/60-cloudimg-settings.conf'" and system_is_ec2 )
       ansible.builtin.file:
         path: "{{ item.path }}"
         recurse: false