The container platform must enforce access restrictions for container platform configuration changes.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-233188	SRG-APP-000380-CTR-000900	SV-233188r601881_rule		Medium

Description
Configuration changes cause the container platform to change the way it operates. These changes can be used to improve the system with added features or performance, but these configuration changes can also be used to introduce malicious features and degrade performance. To control the configuration changes made to the container platform, it is important that only authorized users are allowed, through container platform enforcement, to make configuration changes.

Description

Configuration changes cause the container platform to change the way it operates. These changes can be used to improve the system with added features or performance, but these configuration changes can also be used to introduce malicious features and degrade performance. To control the configuration changes made to the container platform, it is important that only authorized users are allowed, through container platform enforcement, to make configuration changes.

STIG	Date
Container Platform Security Requirements Guide	2021-12-14

Details

Check Text ( C-36124r601793_chk )
Review documentation and configuration settings to determine if the container platform enforces access restrictions associated with changes to container platform components configuration. If the container platform does not enforce such access restrictions, this is a finding.

Fix Text (F-36092r601880_fix)
Configure the container platform to enforce access restrictions associated with changes to the container platform components configuration.