Bug 2169893 - RFE: Ability to add tailoring file for scap security profile to osbuild-composer Blueprint
Status: NEW
Alias: None
Product: Red Hat Enterprise Linux 9
Classification: Red Hat
Component: osbuild-composer
Version: 9.1
Hardware: Unspecified
OS: Unspecified
Priority: medium
Severity: medium
Target Milestone: rc
Assignee: Image Builder team
QA Contact: Release Test Team
Reported: 2023-02-15 00:23 UTC by ckrell
Modified: 2023-07-10 07:58 UTC

Type: Bug


Links

| System | ID | Private | Priority | Status | Summary | Last Updated |
| --- | --- | --- | --- | --- | --- | --- |
| Red Hat Issue Tracker | RHELPLAN-148671 | 0 | None | None | None | 2023-02-15 00:24:44 UTC |

Internal Links: 2210786

Description ckrell 2023-02-15 00:23:59 UTC
You can currently create an image that aligns with a security profile from scap-security-guide:

[Chapter 7. Creating pre-hardened images with Image Builder OpenSCAP](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/composing_a_customized_rhel_system_image/assembly_creating-pre-hardened-images-with-image-builder-openscap-integration_composing-a-customized-rhel-system-image#con_the-openscap-blueprint-customization_assembly_creating-pre-hardened-images-with-image-builder-openscap-integration)

This RFE is to request the ability to use tailoring files in locally hosted image builder to customize a scap security profile.

After chatting with the Image Builder team it sounds like this is an option for an RFE and in-progress (technically enabled in one of the lower level components but not yet exposed in the blueprints) but I wasn't able to find an RFE referencing it.

Additional info:

scap workbench allows us to create a tailoring file in an rpm format (and the rpm includes the unchanged datastream) - if we can add this rpm to the image then that may make the tailoring file available for the Image Builder blueprint to reference it.

Info on using scap workbench to create a tailoring file/rpm:

[Chapter 7. Scanning the system for configuration compliance and vulnerabilities Red Hat Enterprise Linux 9 | Red Hat Customer Portal](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/scanning-the-system-for-configuration-compliance-and-vulnerabilities_security-hardening#customizing-a-security-profile-with-scap-workbench_scanning-the-system-with-a-customized-profile-using-scap-workbench)

Comment 7 Rajesh Dulhani 2023-07-07 13:22:40 UTC
Hello,

Can we please have some updates on this bugzilla?
With regard to the timeline, they would like this feature to be available for both RHEL 8 and RHEL 9.

Comment 8 Rajesh Dulhani 2023-07-07 13:23:55 UTC
Hello,

Can we please have some updates on this bugzilla?
With regard to the timeline, they would like this feature to be available for both RHEL 8 and RHEL 9.

Comment 9 Ondřej Budai 2023-07-07 19:54:15 UTC
We are tracking this initiative in this Jira ticket: https://issues.redhat.com/browse/COMPOSER-1994
However, it probably won't be ready in time for 8.9/9.3.

