TNS OpenStack Keystone/Identity Security Guide

Audit Details

Name: TNS OpenStack Keystone/Identity Security Guide

Updated: 4/25/2022

Authority: TNS

Plugin: Unix

Revision: 1.16

Estimated Item Count: 20

File Details

Filename: TNS_OpenStack_Identity_Security_Guide.audit

Size: 181 kB

MD5: 8f89b5921fe5e271d5db7693b17d06f6
SHA256: a65dd5592235dd7c2b59553d7fe08953a3815b60d675dcb0301e43a50506e62b

Audit Items

Description / Categories
OpenStack Identity - Disable admin token in /etc/keystone/keystone-paste.ini

ACCESS CONTROL

OpenStack Identity - Disable admin token in /etc/keystone/keystone.conf

ACCESS CONTROL

OpenStack Identity - Identity uses strong hashing algorithms for PKI tokens

SYSTEM AND COMMUNICATIONS PROTECTION

OpenStack Identity - max_request_body_size set to default

SYSTEM AND COMMUNICATIONS PROTECTION

OpenStack Identity - SSL enabled

SYSTEM AND COMMUNICATIONS PROTECTION

OpenStack Identity - strict permissions set for Identity configuration files - /etc/keystone/keystone-paste.ini

CONFIGURATION MANAGEMENT

OpenStack Identity - strict permissions set for Identity configuration files - /etc/keystone/keystone.conf

CONFIGURATION MANAGEMENT

OpenStack Identity - strict permissions set for Identity configuration files - /etc/keystone/logging.conf

CONFIGURATION MANAGEMENT

OpenStack Identity - strict permissions set for Identity configuration files - /etc/keystone/policy.json

CONFIGURATION MANAGEMENT

OpenStack Identity - strict permissions set for Identity configuration files - /etc/keystone/ssl/certs/ca.pem

CONFIGURATION MANAGEMENT

OpenStack Identity - strict permissions set for Identity configuration files - /etc/keystone/ssl/certs/signing_cert.pem

CONFIGURATION MANAGEMENT

OpenStack Identity - strict permissions set for Identity configuration files - /etc/keystone/ssl/private/signing_key.pem

CONFIGURATION MANAGEMENT

OpenStack Identity - user/group ownership of config files set to keystone - /etc/keystone/keystone-paste.ini

CONFIGURATION MANAGEMENT

OpenStack Identity - user/group ownership of config files set to keystone - /etc/keystone/keystone.conf

CONFIGURATION MANAGEMENT

OpenStack Identity - user/group ownership of config files set to keystone - /etc/keystone/logging.conf

CONFIGURATION MANAGEMENT

OpenStack Identity - user/group ownership of config files set to keystone - /etc/keystone/policy.json

CONFIGURATION MANAGEMENT

OpenStack Identity - user/group ownership of config files set to keystone - /etc/keystone/ssl/certs/ca.pem

CONFIGURATION MANAGEMENT

OpenStack Identity - user/group ownership of config files set to keystone - /etc/keystone/ssl/certs/signing_cert.pem

CONFIGURATION MANAGEMENT

OpenStack Identity - user/group ownership of config files set to keystone - /etc/keystone/ssl/private/signing_key.pem

CONFIGURATION MANAGEMENT
