Use authorization plugin

Details

https://docs.docker.com/engine/reference/commandline/daemon/#access-authorization

2.https://docs.docker.com/engine/extend/authorization/

3.https://github.com/twistlock/authz

Solution

Step 1- Install/Create an authorization plugin.
Step 2- Configure the authorization policy as desired.
Step 3- Start the docker daemon as below-
docker daemon –authorization-plugin=
Impact-
Each docker command specifically passes through authorization plugin mechanism. This might introduce a slight performance drop.
Default Value-
By default, authorization plugins are not set up.

Supportive Information

The following resource is also helpful.

https://workbench.cisecurity.org/files/516

This security hardening control applies to the following category of controls within NIST 800-53: Identification and Authentication.This control applies to the following type of system Unix.

References

800-53|IA-2

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles