The Red Hat Ansible Automation Platform (acquired by Red Hat in 2015) is a foundation for building and operating automation across an organization. The platform includes tools needed to implement enterprise-wide automation, and can automate resource provisioning, and IT environments and configuration of systems and devices. It can be used in a CI/CD process to provision the target environment and to then deploy the application on it.
$5,000
per year
Sonatype Platform
Score 8.7 out of 10
Enterprise companies (1,001+ employees)
Sonatype secures the software supply chain and protects organizations' vital software development lifecycle(SDLC). The platform unites security teams and developers to accelerate digital innovation without sacrificing security or quality across the SDLC. With users among more than 2,000 organizations and 15 million software developers, Sonatype tools and guidance help users to deliver and maintain exceptional and secure software.
It has helped save us so much time, as it was designed to automate mundane and repetitive tasks that we were using other tools to perform and that required so much manual intervention. It does not work very well within Windows environments, understandably, but I would love to see more integration. I want it to be sexy and attractive to more than just geeky sysadmins.
- Guidance on remediation is very good - Vulnerability detection is very good - Support is very good - Ability to ask PMs/POs open questions at Office Hours every month is very good - Support for languages is lacking (TIOBE Index Top20) - Some features are un-neededly hidden and make the usage more complex then it needs to be
Debugging is easy, as it tells you exactly within your job where the job failed, even when jumping around several playbooks.
Ansible seems to integrate with everything, and the community is big enough that if you are unsure how to approach converting a process into a playbook, you can usually find something similar to what you are trying to do.
Security in AAP seems to be pretty straightforward. Easy to organize and identify who has what permissions or can only see the content based on the organization they belong to.
Nexus firewall is a great feature enabled for all our proxy repositories which are used to download the third-party opensource packages.
Nexus IQ is integrated with build stage to analyze the component against evaluation policy. This helps to figure out the application security standards.
Nexus IQ is also having a feature to scan container images before it uploads to our private repository. This is great feature for container platforms.
YAML is hard for many to adopt. Moving to a system that is not as white space sensitive would likely increase uptake.
AAP and EDA should be more closely aligned. There are differences that can trip users of the integration up. An example would be the way that variables are used.
Event-driven Ansible output is not as informative as AAP.
Even is if it's a great tool, we are looking to renew our licence for our production servers only. The product is very expensive to use, so we might look for a cheaper solution for our non-production servers. One of the solution we are looking, is AWX, free, and similar to AAP. This is be perfect for our non-production servers.
Sonatype supports more than 200 dev(s). It proves with the repository to store the artifacts. Allows for governance of open source software used by the different teams. It is used by security teams to scan for vulnerabilities in software(s) and in the deployed containers. It helps ensure code quality.
Overall experience is great with the Platform; however, I see some opportunity with upgrading the platform as it is missing with data of historical scans to allow reviewer to get view of trend how the application/product development team is considering fixing the issues.
Great in almost every way compared to any other configuration management software. The only thing I wish for is python3 support. Other than that, YAML is much improved compared to the Ruby of Chef. The agentless nature is incredibly convenient for managing systems quickly, and if a member of your term has no terminal experience whatsoever they can still use the UI.
Sonatype products are great value as I said but a few areas like how products use underlying resources in order to make it further lightweight, is something I would like them to consider.
There is a lot of good documentation that Ansible and Red Hat provide which should help get someone started with making Ansible useful. But once you get to more complicated scenarios, you will benefit from learning from others. I have not used Red Hat support for work with Ansible, but many of the online resources are helpful.
I haven't thought of any right now other than just doing our own home-brewed shell scripts. Command line scripts. And how does this compare? It's light years ahead, especially with the ability to share credentials without giving the person the actual credentials. You can delegate that within, I guess what used to be called Ansible Tower, which is now the Ansible Automation platform. It lets you share, I can give you the keys without you being able to see the keys. It's great
Out of other products we evaluated before choosing Sonatype, the later looked far more user friendly, easy to understand and work with. This was key for us, as the tool needs to be used by many engineers that don't have security as their main focus. Having a tool that is easy to understand and work with, makes the process of evaluating open source dependencies much easier and appealing for developers.