| 1.6.1.2 Ensure the SELinux state is enforcing | CIS SUSE Linux Enterprise Workstation 12 L2 v2.1.0 | Unix | ACCESS CONTROL |
| 1.6.1.3 Ensure SELinux policy is configured - 'Policy from config file' | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | ACCESS CONTROL |
| 1.6.1.3 Ensure SELinux policy is configured - 'SELINUXTYPE' | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | ACCESS CONTROL |
| 1.6.1.3 Ensure SELinux policy is configured - 'SELINUXTYPE' | CIS Ubuntu Linux 16.04 LTS Workstation L2 v1.1.0 | Unix | ACCESS CONTROL |
| 1.7.1.1 Ensure AppArmor is installed | CIS Ubuntu Linux 18.04 LTS Workstation L1 v2.0.1 | Unix | ACCESS CONTROL |
| 2. OpenStack Identity - Policy.json - 'identity:ec2_get_credential' | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| 3. OpenStack Compute - Policy.json - 'os_compute_api:os-assisted-volume-snapshots:create' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 3.4.3.8 Ensure nftables rules are permanent | CIS Red Hat EL8 Workstation L1 v1.0.0 | Unix | ACCESS CONTROL |
| 4.5 Activate AppArmor - 'Profiles are loaded' - Review | CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0 | Unix | ACCESS CONTROL |
| 5.4.4 Ensure default user umask is 027 or more restrictive - /etc/bash.bashrc.local | CIS SUSE Linux Enterprise Workstation 12 L1 v2.1.0 | Unix | ACCESS CONTROL |
| 6. OpenStack Compute - Policy.json - 'os_compute_api:os-aggregates:delete' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 12. OpenStack Identity - Policy.json - 'identity:delete_identity_provider' | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| 18. OpenStack Compute - Policy.json - 'compute_extension:flavor_access:removeTenantAccess' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 20.47 Ensure 'Permissions for program file directories must conform to minimum requirements' | CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG MS | Windows | ACCESS CONTROL |
| 23. OpenStack Identity - Policy.json - 'identity:remove_endpoint_group_from_project' | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| 25. OpenStack Identity - Policy.json - 'identity:update_service_provider' | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| 26. OpenStack Compute - Policy.json - 'compute_extension:admin_actions' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 30. OpenStack Compute - Policy.json - 'os_compute_api:os-pci:detail' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 32. OpenStack Compute - Policy.json - 'os_compute_api:os-cells:create' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 36. OpenStack Compute - Policy.json - 'os_compute_api:os-admin-actions:reset_network' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 36. OpenStack Identity - Policy.json - 'identity:list_projects_associated_with_endpoint_group' | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| 39. OpenStack Identity - Policy.json - 'identity:check_user_in_group' | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| 40. OpenStack Identity - Policy.json - 'identity:list_services' | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| 42. OpenStack Compute - Policy.json - 'os_compute_api:os-cells:update' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 42. OpenStack Identity - Policy.json - 'identity:delete_policy_association_for_endpoint' | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| 43. OpenStack Compute - Policy.json - 'os_compute_api:os-hypervisors' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 44. OpenStack Identity - Policy.json - 'default' | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| 52. OpenStack Compute - Policy.json - 'os_compute_api:ips:show' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 65. OpenStack Compute - Policy.json - 'os_compute_api:os-quota-sets:delete' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 66. OpenStack Compute - Policy.json - 'os_compute_api:os-pci:show' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 67. OpenStack Compute - Policy.json - 'os_compute_api:os-pause-server:pause' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 69. OpenStack Compute - Policy.json - 'os_compute_api:os-hide-server-addresses' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 85. OpenStack Compute - Policy.json - 'compute_extension:console_auth_tokens' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 88. OpenStack Compute - Policy.json - 'compute_extension:cloudpipe' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 89. OpenStack Compute - Policy.json - 'os_compute_api:servers:start' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 100. OpenStack Identity - Policy.json - 'identity:list_policies' | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| 102. OpenStack Identity - Policy.json - 'identity:list_endpoints_associated_with_endpoint_group' | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| 111. OpenStack Compute - Policy.json - 'os_compute_api:os-aggregates:add_host' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 111. OpenStack Identity - Policy.json - 'owner' | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| 117. OpenStack Compute - Policy.json - 'compute_extension:floating_ips_bulk' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 119. OpenStack Identity - Policy.json - 'identity:revocation_list' | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| 121. OpenStack Identity - Policy.json - 'identity:delete_service_provider' | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| 122. OpenStack Compute - Policy.json - 'compute_extension:admin_actions:resume' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 125. OpenStack Identity - Policy.json - 'identity:get_domain_config' | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| 126. OpenStack Identity - Policy.json - 'identity:update_group' | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| 127. OpenStack Compute - Policy.json - 'compute_extension:admin_actions:createBackup' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 129. OpenStack Identity - Policy.json - 'identity:create_service' | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| 132. OpenStack Identity - Policy.json - 'identity:get_protocol' | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| 139. OpenStack Identity - Policy.json - 'identity:create_identity_provider' | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| 145. OpenStack Compute - Policy.json - 'os_compute_api:server-metadata:update_all' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
