Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Docker Enterprise Swarm manager auto-lock key must be rotated periodically.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-95733 | DKER-EE-005070 | SV-104871r1_rule | Medium |
| Description |
|---|
| Rotate swarm manager auto-lock key periodically. Swarm manager auto-lock key is not automatically rotated. Rotate them periodically as a best practice. By default, keys are not rotated automatically. |
| STIG | Date |
|---|---|
| Docker Enterprise 2.x Linux/UNIX Security Technical Implementation Guide | 2019-09-13 |
Details
| Check Text ( C-94563r1_chk ) |
|---|
| Interview the system administrator to identify the key rotation process. Determine if there is a key rotation record and if the keys are rotated at a pre-defined frequency. If the swarm manager auto-lock key is not rotated on a regular basis, this is a finding. |
| Fix Text (F-101401r1_fix) |
|---|
| Run the below command to rotate the keys. docker swarm unlock-key --rotate Additionally, to facilitate audit for this recommendation, maintain key rotation records and ensure that a pre-defined frequency for key rotation is established. |