STIGQter STIGQter: STIG Summary: Docker Enterprise 2.x Linux/UNIX Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 19 Jul 2019: Docker Enterprise Swarm manager auto-lock key must be rotated periodically.

DISA Rule

SV-104871r1_rule

Vulnerability Number

V-95733

Group Title

SRG-APP-000516

Rule Version

DKER-EE-005070

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Run the below command to rotate the keys.

docker swarm unlock-key --rotate

Additionally, to facilitate audit for this recommendation, maintain key rotation records and ensure that a pre-defined frequency for key rotation is established.

Check Contents

Interview the system administrator to identify the key rotation process. Determine if there is a key rotation record and if the keys are rotated at a pre-defined frequency.

If the swarm manager auto-lock key is not rotated on a regular basis, this is a finding.

Vulnerability Number

V-95733

Documentable

False

Rule Version

DKER-EE-005070

Severity Override Guidance

Interview the system administrator to identify the key rotation process. Determine if there is a key rotation record and if the keys are rotated at a pre-defined frequency.

If the swarm manager auto-lock key is not rotated on a regular basis, this is a finding.

Check Content Reference

M

Target Key

3425

Comments