509 B
509 B
🔐 Evidence – Identity and Access Management
Purpose
This folder contains evidence showing how user accounts, roles, MFA, and authentication systems are managed via Keycloak and Tailscale.
Included Artifacts
- Realm export (
keycloak-realm-export.json) - Screenshots of MFA policy
- Group-to-role mapping export
- Tailscale ACL and device log
Review Checklist
- MFA enforced for all privileged users
- User roles mapped and validated
- Keycloak policies match SSP configuration