Docker's secret management commands are used for managing secrets in a swarm cluster

Docs > Datadog Security > OOTB Rules > Docker's secret management commands are used for managing secrets in a swarm cluster

Classification:

compliance

Framework:

cis-docker

Control:

7.5

Set up the docker integration.

Description

You should use Docker’s in-built secret management command for control of secrets.

Rationale

Docker has various commands for managing secrets in a swarm cluster.

Audit

On a swarm manager node, run the command below to ensure Docker secret management is used in your environment where this is in line with your IT security policy:

docker secret ls

Remediation

You should follow the docker secret documentation and use it to manage secrets effectively.

Impact

None

Default value

Not Applicable

References

https://docs.docker.com/engine/reference/commandline/secret/

CIS controls

Version 6

18 Application Software Security Application Software Security