Harden OpenStack security posture
openstack-securityskillsetup L3★64
Tibsfox/gsd-skill-creator ↗What it does
Harden OpenStack with TLS, RBAC policies, and audit logging
Best for
Enforces defense-in-depth with encrypted API channels, role-based access, and immutable audit logs.
Inputs
- · [object Object]
- · [object Object]
Outputs
- · [object Object]
- · [object Object]
Requires
- · openssl
- · HAProxy
- · firewalld
- · Keystone
Preconditions
Root access on management network; CA authority for cert signing
Failure modes
- · Certificate expiry breaks API access
- · Self-signed CA requires manual trust
- · Policy syntax error denies all (fail-close)
Trust signals
- · HAProxy TLS termination standard
- · Keystone CADF event logging
- · Mandatory PE disclaimer for security