SV-235826r627605_rule
V-235826
SRG-APP-000231
DKER-EE-002660
CAT II
10
For all containerized applications that leverage configuration files and/or small amounts of user-generated data, store that data in Docker Secrets.
All secrets should be created and managed using a UCP client bundle.
A reference for the use of Docker secrets can be found at https://docs.docker.com/engine/swarm/secrets/.
Review the System Security Plan (SSP) and identify applications that leverage configuration files and/or small amounts of user-generated data. Ensure that data is stored in Docker Secrets or Kubernetes Secrets.
Using a Universal Control Plane (UCP) client bundle, verify that secrets are in use by executing the following command:
docker secret ls
Confirm containerized applications identified in SSP as utilizing Docker secrets have a corresponding secret configured.
If the SSP requires Docker secrets be used but the containerized application does not use Docker secrets, this is a finding.
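One way to script the comparison in the check above, as an added example that is not part of the STIG text. It assumes the SSP's requirements have been extracted to a file of "service secret" pairs (a hypothetical format) and that the secret names were captured with docker secret ls --format '{{.Name}}' from a shell that has the UCP client bundle loaded.

```shell
#!/usr/bin/env bash
# Added example: report SSP-required secrets that the swarm does not hold.
#
# missing_secrets REQUIRED_FILE PRESENT_FILE
#   REQUIRED_FILE  lines of "service_name secret_name" (assumed SSP extract)
#   PRESENT_FILE   one secret name per line, e.g. captured with:
#                    docker secret ls --format '{{.Name}}' > present.txt
# Prints "service secret" for every required secret that is absent.
# Returns 1 if anything is missing (a finding), 0 otherwise.
missing_secrets() {
    local required="$1" present="$2" svc secret rc=0
    # The "|| [ -n ... ]" keeps a final line that lacks a trailing newline.
    while read -r svc secret || [ -n "$svc" ]; do
        # Skip blank lines and comments in the SSP extract.
        case "$svc" in ''|'#'*) continue ;; esac
        # -F fixed string, -x whole line: "tls_key" must not match "tls_key_old".
        if ! grep -Fxq -- "$secret" "$present"; then
            printf '%s %s\n' "$svc" "$secret"
            rc=1
        fi
    done < "$required"
    return "$rc"
}

# Offline demonstration on constructed data (not from a real cluster).
demo() {
    local dir
    dir=$(mktemp -d)
    printf '%s\n' 'web tls_key' 'web app_config' 'db db_password' > "$dir/ssp.txt"
    printf '%s\n' 'tls_key' 'db_password' > "$dir/present.txt"
    missing_secrets "$dir/ssp.txt" "$dir/present.txt" \
        || echo "finding: SSP-required secrets are not configured" >&2
    rm -rf "$dir"
}

if [ "${1:-}" = "--demo" ]; then
    demo
fi
```

A secret that exists in the swarm may still not be attached to the service that needs it, so a clean result here does not replace confirming the service definition against the SSP.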
V-235826
False
DKER-EE-002660
M
5281