Benchmark: 4 Container Images and Build File Configuration
Overview
Container base images and build files govern the fundamentals of how a container instance created from a particular image behaves. Using proper base images and appropriate build files is important when building your containerized infrastructure. Below are recommendations that you should follow for container base images and build files to ensure that your containerized infrastructure is secure.
Usage
Install the mod:
mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-docker-compliance
Start the Powerpipe server:
steampipe service start
powerpipe server
Open http://localhost:9033 in your browser and select 4 Container Images and Build File Configuration.
Run this benchmark in your terminal:
powerpipe benchmark run docker_compliance.benchmark.cis_v160_4
Snapshot and share results via Turbot Pipes:
powerpipe benchmark run docker_compliance.benchmark.cis_v160_4 --share
Controls
- 4.1 Ensure that a user for the container has been created
- 4.5 Ensure Content trust for Docker is Enabled
- 4.6 Ensure that HEALTHCHECK instructions have been added to container images