TNS OpenStack Keystone/Identity Security Guide

Audit Details

Name: TNS OpenStack Keystone/Identity Security Guide

Updated: 12/22/2023

Authority: TNS

Plugin: Unix

Revision: 1.21

Estimated Item Count: 160

File Details

Filename: TNS_OpenStack_Identity_Security_Guide.audit

Size: 208 kB

MD5: f52b156e7caef4b44b1ee85887acf349
SHA256: 1ac4818ea1e78d03e71dd97bec4e7214abec0a115200a0d54acfd3109701835f

Audit Changelog

Ā 
Revision 1.21

Dec 22, 2023

Miscellaneous
  • Metadata updated.
Revision 1.20

May 31, 2023

Informational Update
  • 1. OpenStack Identity - Policy.json - 'identity:update_domain_config'
  • 10. OpenStack Identity - Policy.json - 'identity:list_access_token_roles'
  • 100. OpenStack Identity - Policy.json - 'identity:list_policies'
  • 101. OpenStack Identity - Policy.json - 'identity:list_groups'
  • 102. OpenStack Identity - Policy.json - 'identity:list_endpoints_associated_with_endpoint_group'
  • 103. OpenStack Identity - Policy.json - 'identity:list_endpoints'
  • 104. OpenStack Identity - Policy.json - 'identity:update_policy'
  • 105. OpenStack Identity - Policy.json - 'identity:delete_endpoint_group'
  • 106. OpenStack Identity - Policy.json - 'admin_or_owner'
  • 107. OpenStack Identity - Policy.json - 'identity:update_protocol'
  • 108. OpenStack Identity - Policy.json - 'identity:get_group'
  • 109. OpenStack Identity - Policy.json - 'identity:create_policy_association_for_endpoint'
  • 11. OpenStack Identity - Policy.json - 'identity:update_project'
  • 110. OpenStack Identity - Policy.json - 'identity:delete_group'
  • 111. OpenStack Identity - Policy.json - 'owner'
  • 112. OpenStack Identity - Policy.json - 'identity:ec2_list_credentials'
  • 113. OpenStack Identity - Policy.json - 'identity:delete_consumer'
  • 114. OpenStack Identity - Policy.json - 'identity:list_credentials'
  • 115. OpenStack Identity - Policy.json - 'identity:check_endpoint_in_project'
  • 116. OpenStack Identity - Policy.json - 'identity:list_groups_for_user'
  • 117. OpenStack Identity - Policy.json - 'identity:delete_region'
  • 118. OpenStack Identity - Policy.json - 'identity:create_credential'
  • 119. OpenStack Identity - Policy.json - 'identity:revocation_list'
  • 12. OpenStack Identity - Policy.json - 'identity:delete_identity_provider'
  • 120. OpenStack Identity - Policy.json - 'identity:change_password'
  • 121. OpenStack Identity - Policy.json - 'identity:delete_service_provider'
  • 122. OpenStack Identity - Policy.json - 'identity:authorize_request_token'
  • 123. OpenStack Identity - Policy.json - 'identity:create_project'
  • 124. OpenStack Identity - Policy.json - 'identity:list_identity_providers'
  • 125. OpenStack Identity - Policy.json - 'identity:get_domain_config'
  • 126. OpenStack Identity - Policy.json - 'identity:update_group'
  • 127. OpenStack Identity - Policy.json - 'identity:ec2_create_credential'
  • 128. OpenStack Identity - Policy.json - 'identity:list_endpoints_for_policy'
  • 129. OpenStack Identity - Policy.json - 'identity:create_service'
  • 13. OpenStack Identity - Policy.json - 'identity:list_users_in_group'
  • 130. OpenStack Identity - Policy.json - 'identity:check_policy_association_for_region_and_service'
  • 131. OpenStack Identity - Policy.json - 'identity:create_policy_association_for_region_and_service'
  • 132. OpenStack Identity - Policy.json - 'identity:get_protocol'
  • 133. OpenStack Identity - Policy.json - 'identity:get_policy'
  • 134. OpenStack Identity - Policy.json - 'service_role'
  • 135. OpenStack Identity - Policy.json - 'identity:update_role'
  • 136. OpenStack Identity - Policy.json - 'identity:delete_access_token'
  • 137. OpenStack Identity - Policy.json - 'identity:get_domain'
  • 138. OpenStack Identity - Policy.json - 'identity:list_mappings'
  • 139. OpenStack Identity - Policy.json - 'identity:create_identity_provider'
  • 14. OpenStack Identity - Policy.json - 'identity:create_group'
  • 140. OpenStack Identity - Policy.json - 'token_subject'
  • 15. OpenStack Identity - Policy.json - 'identity:list_consumers'
  • 16. OpenStack Identity - Policy.json - 'identity:delete_policy_association_for_region_and_service'
  • 17. OpenStack Identity - Policy.json - 'identity:get_role'
  • 18. OpenStack Identity - Policy.json - 'identity:update_service'
  • 19. OpenStack Identity - Policy.json - 'identity:update_endpoint'
  • 2. OpenStack Identity - Policy.json - 'identity:ec2_get_credential'
  • 20. OpenStack Identity - Policy.json - 'identity:get_service_provider'
  • 21. OpenStack Identity - Policy.json - 'identity:ec2_delete_credential'
  • 22. OpenStack Identity - Policy.json - 'identity:delete_endpoint'
  • 23. OpenStack Identity - Policy.json - 'identity:remove_endpoint_group_from_project'
  • 24. OpenStack Identity - Policy.json - 'identity:create_domain_config'
  • 25. OpenStack Identity - Policy.json - 'identity:update_service_provider'
  • 26. OpenStack Identity - Policy.json - 'identity:list_service_providers'
  • 27. OpenStack Identity - Policy.json - 'identity:create_consumer'
  • 28. OpenStack Identity - Policy.json - 'identity:remove_user_from_group'
  • 29. OpenStack Identity - Policy.json - 'identity:delete_service'
  • 3. OpenStack Identity - Policy.json - 'identity:revoke_grant'
  • 30. OpenStack Identity - Policy.json - 'identity:get_trust'
  • 31. OpenStack Identity - Policy.json - 'identity:update_domain'
  • 32. OpenStack Identity - Policy.json - 'admin_or_token_subject'
  • 33. OpenStack Identity - Policy.json - 'identity:validate_token_head'
  • 34. OpenStack Identity - Policy.json - 'identity:update_region'
  • 35. OpenStack Identity - Policy.json - 'identity:list_access_tokens'
  • 36. OpenStack Identity - Policy.json - 'identity:list_projects_associated_with_endpoint_group'
  • 37. OpenStack Identity - Policy.json - 'identity:list_projects_for_endpoint'
  • 38. OpenStack Identity - Policy.json - 'identity:add_endpoint_group_to_project'
  • 39. OpenStack Identity - Policy.json - 'identity:check_user_in_group'
  • 4. OpenStack Identity - Policy.json - 'identity:update_consumer'
  • 40. OpenStack Identity - Policy.json - 'identity:list_services'
  • 41. OpenStack Identity - Policy.json - 'identity:create_grant'
  • 42. OpenStack Identity - Policy.json - 'identity:delete_policy_association_for_endpoint'
  • 43. OpenStack Identity - Policy.json - 'identity:create_endpoint'
  • 44. OpenStack Identity - Policy.json - 'default'
  • 45. OpenStack Identity - Policy.json - 'identity:get_access_token'
  • 46. OpenStack Identity - Policy.json - 'identity:delete_role'
  • 47. OpenStack Identity - Policy.json - 'identity:get_identity_providers'
  • 48. OpenStack Identity - Policy.json - 'identity:update_credential'
  • 49. OpenStack Identity - Policy.json - 'identity:get_consumer'
  • 5. OpenStack Identity - Policy.json - 'identity:list_user_projects'
  • 50. OpenStack Identity - Policy.json - 'admin_required'
  • 51. OpenStack Identity - Policy.json - 'identity:delete_policy_association_for_service'
  • 52. OpenStack Identity - Policy.json - 'identity:create_policy'
  • 53. OpenStack Identity - Policy.json - 'identity:delete_policy'
  • 54. OpenStack Identity - Policy.json - 'identity:check_policy_association_for_service'
  • 55. OpenStack Identity - Policy.json - 'identity:create_policy_association_for_service'
  • 56. OpenStack Identity - Policy.json - 'identity:get_endpoint_group'
  • 57. OpenStack Identity - Policy.json - 'identity:create_protocol'
  • 58. OpenStack Identity - Policy.json - 'identity:create_user'
  • 59. OpenStack Identity - Policy.json - 'identity:get_mapping'
  • 6. OpenStack Identity - Policy.json - 'identity:create_trust'
  • 60. OpenStack Identity - Policy.json - 'identity:create_endpoint_group'
  • 61. OpenStack Identity - Policy.json - 'identity:revoke_token'
  • 62. OpenStack Identity - Policy.json - 'identity:delete_user'
  • 63. OpenStack Identity - Policy.json - 'service_or_admin'
  • 64. OpenStack Identity - Policy.json - 'identity:update_user'
  • 65. OpenStack Identity - Policy.json - 'identity:get_service'
  • 66. OpenStack Identity - Policy.json - 'identity:remove_endpoint_from_project'
  • 67. OpenStack Identity - Policy.json - 'identity:delete_domain_config'
  • 68. OpenStack Identity - Policy.json - 'identity:check_policy_association_for_endpoint'
  • 69. OpenStack Identity - Policy.json - 'identity:update_mapping'
  • 7. OpenStack Identity - Policy.json - 'identity:get_endpoint'
  • 70. OpenStack Identity - Policy.json - 'identity:get_access_token_role'
  • 71. OpenStack Identity - Policy.json - 'identity:list_domains'
  • 72. OpenStack Identity - Policy.json - 'identity:create_service_provider'
  • 73. OpenStack Identity - Policy.json - 'identity:delete_mapping'
  • 74. OpenStack Identity - Policy.json - 'identity:create_region'
  • 75. OpenStack Identity - Policy.json - 'identity:list_role_assignments'
  • 76. OpenStack Identity - Policy.json - 'identity:list_endpoint_groups'
  • 77. OpenStack Identity - Policy.json - 'identity:list_endpoints_for_project'
  • 78. OpenStack Identity - Policy.json - 'identity:list_roles'
  • 79. OpenStack Identity - Policy.json - 'identity:delete_credential'
  • 8. OpenStack Identity - Policy.json - 'identity:list_projects'
  • 80. OpenStack Identity - Policy.json - 'identity:get_endpoint_group_in_project'
  • 81. OpenStack Identity - Policy.json - 'identity:get_credential'
  • 82. OpenStack Identity - Policy.json - 'identity:update_identity_provider'
  • 83. OpenStack Identity - Policy.json - 'identity:delete_protocol'
  • 84. OpenStack Identity - Policy.json - 'identity:validate_token'
  • 85. OpenStack Identity - Policy.json - 'identity:add_user_to_group'
  • 86. OpenStack Identity - Policy.json - 'identity:delete_project'
  • 87. OpenStack Identity - Policy.json - 'identity:get_user'
  • 88. OpenStack Identity - Policy.json - 'identity:check_token'
  • 89. OpenStack Identity - Policy.json - 'identity:create_domain'
  • 9. OpenStack Identity - Policy.json - 'identity:list_users'
  • 90. OpenStack Identity - Policy.json - 'identity:list_grants'
  • 91. OpenStack Identity - Policy.json - 'identity:get_project'
  • 92. OpenStack Identity - Policy.json - 'identity:add_endpoint_to_project'
  • 93. OpenStack Identity - Policy.json - 'identity:update_endpoint_group'
  • 94. OpenStack Identity - Policy.json - 'identity:check_grant'
  • 95. OpenStack Identity - Policy.json - 'identity:create_role'
  • 96. OpenStack Identity - Policy.json - 'identity:list_protocols'
  • 97. OpenStack Identity - Policy.json - 'identity:delete_domain'
  • 98. OpenStack Identity - Policy.json - 'identity:get_policy_for_endpoint'
  • 99. OpenStack Identity - Policy.json - 'identity:create_mapping'
Revision 1.19

Apr 12, 2023

Miscellaneous
  • Metadata updated.
Revision 1.18

Mar 7, 2023

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.17

Dec 7, 2022

Miscellaneous
  • Variables updated.
Revision 1.16

Apr 25, 2022

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.15

Feb 1, 2021

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.14

Oct 5, 2020

Miscellaneous
  • Platform check updated.
Revision 1.13

Sep 29, 2020

Miscellaneous
  • References updated.
Revision 1.12

Jul 14, 2020

Miscellaneous
  • Metadata updated.