| 2.3 Ensure an IAM Role for Amazon EC2 is created for Web Tier | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | ACCESS CONTROL |
| 2.4 Ensure an IAM Role for Amazon EC2 is created for App Tier | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | ACCESS CONTROL |
| 2.5 Ensure AutoScaling Group Launch Configuration for Web Tier is configured to use a customer created Web-Tier IAM Role | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | ACCESS CONTROL |
| 2.6 Ensure AutoScaling Group Launch Configuration for App Tier is configured to use an App-Tier IAM Role | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | ACCESS CONTROL |
| 2.13.2 - PCM - enhanced RBAC (AIX 6.1 only) - 'lskst -t auth info' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | ACCESS CONTROL |
| 2.13.2 - PCM - enhanced RBAC (AIX 6.1 only) - 'lskst -t cmd info' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | ACCESS CONTROL |
| 2.13.2 - PCM - enhanced RBAC (AIX 6.1 only) - 'lskst -t domobj info' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | ACCESS CONTROL |
| 3. OpenStack Compute - Policy.json - 'os_compute_api:os-assisted-volume-snapshots:create' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 5.3 Reduce the sudo timeout period | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | ACCESS CONTROL |
| 5.3 Reduce the sudo timeout period | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | ACCESS CONTROL |
| 5.3 Reduce the sudo timeout period | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | ACCESS CONTROL |
| 5.3 Reduce the sudo timeout period | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 5.3 Reduce the sudo timeout period | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | ACCESS CONTROL |
| 5.4 Use a separate timestamp for each user/tty combo | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | ACCESS CONTROL |
| 5.4.6 Ensure users must provide password for escalation | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
| 5.4.7 Ensure users must re-autenticate for privilege escalation | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
| 5.5 Use a separate timestamp for each user/tty combo | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 6. OpenStack Compute - Policy.json - 'os_compute_api:os-aggregates:delete' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 10. OpenStack Compute - Policy.json - 'os_compute_api:os-console-auth-tokens' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 11. OpenStack Compute - Policy.json - 'os_compute_api:os-lock-server:unlock' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 18 - Role Based Authentication per queue | TNS Best Practice JBoss 7 Linux | Unix | ACCESS CONTROL |
| 18. OpenStack Compute - Policy.json - 'compute_extension:flavor_access:removeTenantAccess' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 19 - Cluster Authentication | TNS Best Practice JBoss 7 Linux | Unix | ACCESS CONTROL |
| 26. OpenStack Compute - Policy.json - 'compute_extension:admin_actions' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 30. OpenStack Compute - Policy.json - 'os_compute_api:os-pci:detail' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 32. OpenStack Compute - Policy.json - 'os_compute_api:os-cells:create' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 36. OpenStack Compute - Policy.json - 'os_compute_api:os-admin-actions:reset_network' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 42. OpenStack Compute - Policy.json - 'os_compute_api:os-cells:update' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 43. OpenStack Compute - Policy.json - 'os_compute_api:os-hypervisors' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 52. OpenStack Compute - Policy.json - 'os_compute_api:ips:show' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 65. OpenStack Compute - Policy.json - 'os_compute_api:os-quota-sets:delete' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 66. OpenStack Compute - Policy.json - 'os_compute_api:os-pci:show' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 67. OpenStack Compute - Policy.json - 'os_compute_api:os-pause-server:pause' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 69. OpenStack Compute - Policy.json - 'os_compute_api:os-hide-server-addresses' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 85. OpenStack Compute - Policy.json - 'compute_extension:console_auth_tokens' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 88. OpenStack Compute - Policy.json - 'compute_extension:cloudpipe' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 89. OpenStack Compute - Policy.json - 'os_compute_api:servers:start' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 100. OpenStack Identity - Policy.json - 'identity:list_policies' | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| 102. OpenStack Identity - Policy.json - 'identity:list_endpoints_associated_with_endpoint_group' | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| 105. OpenStack Compute - Policy.json - 'os_compute_api:os-flavor-extra-specs:delete' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 108. OpenStack Compute - Policy.json - 'admin_or_owner' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 111. OpenStack Compute - Policy.json - 'os_compute_api:os-aggregates:add_host' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 111. OpenStack Identity - Policy.json - 'owner' | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| 117. OpenStack Compute - Policy.json - 'compute_extension:floating_ips_bulk' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 119. OpenStack Identity - Policy.json - 'identity:revocation_list' | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| 122. OpenStack Compute - Policy.json - 'compute_extension:admin_actions:resume' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 127. OpenStack Compute - Policy.json - 'compute_extension:admin_actions:createBackup' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 145. OpenStack Compute - Policy.json - 'os_compute_api:server-metadata:update_all' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| Review the list of active Rackspace Role Names (RBAC) | Tenable Best Practices RackSpace v2.0.0 | Rackspace | ACCESS CONTROL |
| Review the List of Users with ROLE_NAME | Tenable Best Practices RackSpace v2.0.0 | Rackspace | ACCESS CONTROL |
