| 7.1 Ensure that the minimum number of manager nodes have been created in a swarm | CONFIGURATION MANAGEMENT |
| 7.2 Ensure that swarm services are bound to a specific host interface | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.3 Ensure that all Docker swarm overlay networks are encrypted | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.4 Ensure that Docker's secret management commands are used for managing secrets in a swarm cluster | CONFIGURATION MANAGEMENT |
| 7.5 Ensure that swarm manager is run in auto-lock mode | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.6 Ensure that the swarm manager auto-lock key is rotated periodically | IDENTIFICATION AND AUTHENTICATION |
| 7.7 Ensure that node certificates are rotated as appropriate | IDENTIFICATION AND AUTHENTICATION |
| 7.8 Ensure that CA certificates are rotated as appropriate | IDENTIFICATION AND AUTHENTICATION |
| 7.9 Ensure that management plane traffic is separated from data plane traffic | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| CIS_Docker_v1.7.0_L1_Docker_Swarm.audit from CIS Docker Benchmark v1.7.0 | |
