| 2.3 Ensure an IAM Role for Amazon EC2 is created for Web Tier | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | ACCESS CONTROL |
| 2.4 Ensure an IAM Role for Amazon EC2 is created for App Tier | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | ACCESS CONTROL |
| 2.5 Ensure AutoScaling Group Launch Configuration for Web Tier is configured to use a customer created Web-Tier IAM Role | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | ACCESS CONTROL |
| 2.6 Ensure AutoScaling Group Launch Configuration for App Tier is configured to use an App-Tier IAM Role | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | ACCESS CONTROL |
| 2.13.2 - PCM - enhanced RBAC (AIX 6.1 only) - 'lskst -t dom info' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | ACCESS CONTROL |
| 2.13.2 - PCM - enhanced RBAC (AIX 6.1 only) - 'lskst -t role info' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | ACCESS CONTROL |
| 5.3 Reduce the sudo timeout period | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | ACCESS CONTROL |
| 5.3 Reduce the sudo timeout period | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | ACCESS CONTROL |
| 5.3 Reduce the sudo timeout period | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | ACCESS CONTROL |
| 5.3 Reduce the sudo timeout period | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 5.3 Reduce the sudo timeout period | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | ACCESS CONTROL |
| 5.4 Use a separate timestamp for each user/tty combo | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | ACCESS CONTROL |
| 5.4.6 Ensure users must provide password for escalation | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
| 5.4.7 Ensure users must re-autenticate for privilege escalation | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
| 5.5 Use a separate timestamp for each user/tty combo | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 8. OpenStack Compute - Policy.json - 'os_compute_api:os-tenant-networks' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 13. OpenStack Compute - Policy.json - 'compute_extension:quotas:delete' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 14. OpenStack Compute - Policy.json - 'compute_extension:migrations:index' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 17. OpenStack Compute - Policy.json - 'os_compute_api:os-personality:discoverable' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 18 - Role Based Authentication per queue | TNS Best Practice JBoss 7 Linux | Unix | ACCESS CONTROL |
| 19 - Cluster Authentication | TNS Best Practice JBoss 7 Linux | Unix | ACCESS CONTROL |
| 22. OpenStack Compute - Policy.json - 'compute_extension:cells:delete' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 23. OpenStack Compute - Policy.json - 'context_is_admin' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 24. OpenStack Compute - Policy.json - 'os_compute_api:os-aggregates:update' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 37. OpenStack Compute - Policy.json - 'compute_extension:flavorextraspecs:update' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 39. OpenStack Compute - Policy.json - 'os_compute_api:os-instance-actions:events' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 45. OpenStack Compute - Policy.json - 'os_compute_api:os-admin-actions:inject_network_info' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 46. OpenStack Compute - Policy.json - 'os_compute_api:os-services' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 47. OpenStack Compute - Policy.json - 'compute_extension:availability_zone:detail' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 49. OpenStack Compute - Policy.json - 'compute_extension:baremetal_nodes' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 50. OpenStack Compute - Policy.json - 'compute_extension:cells' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 61. OpenStack Compute - Policy.json - 'compute_extension:users' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 75. OpenStack Compute - Policy.json - 'os_compute_api:server-metadata:create' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 76. OpenStack Compute - Policy.json - 'compute_extension:simple_tenant_usage:list' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 77. OpenStack Compute - Policy.json - 'compute_extension:admin_actions:migrateLive' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 84. OpenStack Compute - Policy.json - 'os_compute_api:os-flavor-manage' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 92. OpenStack Compute - Policy.json - 'compute_extension:hypervisors' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 96. OpenStack Compute - Policy.json - 'os_compute_api:os-preserve-ephemeral-rebuild:discoverable' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 102. OpenStack Compute - Policy.json - 'os_compute_api:os-baremetal-nodes' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 103. OpenStack Compute - Policy.json - 'os_compute_api:os-simple-tenant-usage:show' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 109. OpenStack Compute - Policy.json - 'compute_extension:security_group_default_rules' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 116. OpenStack Compute - Policy.json - 'os_compute_api:os-aggregates:create' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 118. OpenStack Compute - Policy.json - 'os_compute_api:os-flavor-access:add_tenant_access' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 121. OpenStack Compute - Policy.json - 'network:attach_external_network' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 125. OpenStack Compute - Policy.json - 'compute:unlock_override' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 128. OpenStack Compute - Policy.json - 'compute_extension:flavorextraspecs:create' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 135. OpenStack Compute - Policy.json - 'compute_extension:instance_actions:events' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 137. OpenStack Compute - Policy.json - 'compute_extension:flavorextraspecs:delete' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| Review the list of active Rackspace Role Names (RBAC) | Tenable Best Practices RackSpace v2.0.0 | Rackspace | ACCESS CONTROL |
| Review the List of Users with ROLE_NAME | Tenable Best Practices RackSpace v2.0.0 | Rackspace | ACCESS CONTROL |
