diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index b9a54fab663e8f349785a997eee02ba75d70e33c..b7042c2960ea5d3e84afcb1eb1573e9f957bad37 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -62,4 +62,4 @@ destroy:
     name: ${ENVIRONMENT}
   script:
     - gitlab-terraform destroy
-  when: manual
+  when: manual
\ No newline at end of file
diff --git a/hardening-scripts/ansible/ansible.cfg b/hardening-scripts/ansible/ansible.cfg
new file mode 100644
index 0000000000000000000000000000000000000000..c62e2255ad163a0b9acf227cf914ac839d6bf6c2
--- /dev/null
+++ b/hardening-scripts/ansible/ansible.cfg
@@ -0,0 +1,3 @@
+[defaults]
+host_key_checking = False
+inventory = ./hosts.yaml
diff --git a/hardening-scripts/ansible/hosts.yaml b/hardening-scripts/ansible/hosts.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..764c698917cb96cba5b9b41026261e6406f2abf5
--- /dev/null
+++ b/hardening-scripts/ansible/hosts.yaml
@@ -0,0 +1,3 @@
+instances:
+  hosts:
+    dev-0.cma.alpha.grandlyon.com:
\ No newline at end of file
diff --git a/hardening-scripts/ansible/tasks/update.yaml b/hardening-scripts/ansible/tasks/update.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..fcfce3c7bee4b06fdea9d1133824eb1d3d5a2f3b
--- /dev/null
+++ b/hardening-scripts/ansible/tasks/update.yaml
@@ -0,0 +1,19 @@
+---
+# This playbook is used to update and upgrade apt packages on all instances
+
+- name: "Apply updates and upgrades to all instances"
+  become: yes
+  become_method: sudo
+  remote_user: root
+  hosts: instances
+  tasks:
+    - name: "Update instances"
+      register: output
+      apt:
+        update_cache: yes
+        cache_valid_time: 86400
+        upgrade: dist
+        autoremove: yes
+
+    - debug: msg="{{ output.stdout }}"
+    - debug: msg="{{ output.stderr }}"
diff --git a/hardening-scripts/scripts/build-ansible-hosts.sh b/hardening-scripts/scripts/build-ansible-hosts.sh
new file mode 100755
index 0000000000000000000000000000000000000000..680e40d9a9cd32f46e461a18869478a1e6c77999
--- /dev/null
+++ b/hardening-scripts/scripts/build-ansible-hosts.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+# Create hosts.yaml file with base configuration
+echo "instances:
+  hosts:" > ./hosts.yaml
+
+# Add host url for each instance
+for ((i=0; i<=$INSTANCE_COUNT; i++)); do
+    echo "    ${ENVIRONMENT}-${i}.cma.alpha.grandlyon.com:" >> ./hardening-scripts/ansible/hosts.yaml
+done
\ No newline at end of file
diff --git a/hardening-scripts/terraform/main.tf b/hardening-scripts/terraform/main.tf
new file mode 100644
index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
diff --git a/hardening-scripts/terraform/output.tf b/hardening-scripts/terraform/output.tf
new file mode 100644
index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
diff --git a/hardening-scripts/terraform/provider.tf b/hardening-scripts/terraform/provider.tf
new file mode 100644
index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
diff --git a/hardening-scripts/terraform/variables-gitlab.tf b/hardening-scripts/terraform/variables-gitlab.tf
new file mode 100644
index 0000000000000000000000000000000000000000..04a620b30635534ee6279bdfe374376db23509cc
--- /dev/null
+++ b/hardening-scripts/terraform/variables-gitlab.tf
@@ -0,0 +1,5 @@
+
+variable "ENVIRONMENT" {
+  type        = string
+  description = "Environment of the deployment, contained in domains, subdomains and resources name convention"
+}