Benchmark: 4 Container Images and Build File Configuration
Overview
Container base images and build files govern the fundamentals of how a container instance from a particular image would behave. Ensuring that you are using proper base images and appropriate build files can be very important for building your containerized infrastructure. Below are some of the recommendations that you should follow for container base images and build files to ensure that your containerized infrastructure is secure.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-docker-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select 4 Container Images and Build File Configuration.
Run this benchmark in your terminal:
powerpipe benchmark run docker_compliance.benchmark.cis_v160_4Snapshot and share results via Turbot Pipes:
powerpipe benchmark run docker_compliance.benchmark.cis_v160_4 --shareControls
- 4.1 Ensure that a user for the container has been created
- 4.5 Ensure Content trust for Docker is Enabled
- 4.6 Ensure that HEALTHCHECK instructions have been added to container images