| DISA_STIG_Docker_Enterprise_2.x_Linux_Unix_UCP_v2r2.audit from DISA Docker Enterprise 2.x Linux/UNIX v2r2 STIG | |
| DKER-EE-001000 - The Docker Enterprise Per User Limit Login Session Control in the Universal Control Plane (UCP) Admin Settings must be set to an organization-defined value for all accounts and/or account types. | ACCESS CONTROL |
| DKER-EE-001080 - The audit log configuration level must be set to request in the Universal Control Plane (UCP) component of Docker Enterprise. | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| DKER-EE-001100 - LDAP integration in Docker Enterprise must be configured. | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| DKER-EE-001170 - A policy set using the built-in role-based access control (RBAC) capabilities in the Universal Control Plane (UCP) component of Docker Enterprise must be configured. | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| DKER-EE-001180 - A policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set - team member access | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| DKER-EE-001870 - The Docker Enterprise self-signed certificates in Universal Control Plane (UCP) must be replaced with DoD trusted, signed certificates. | CONFIGURATION MANAGEMENT |
| DKER-EE-001890 - The option in Universal Control Plane (UCP) allowing users and administrators to schedule containers on all nodes, including UCP managers and Docker Trusted Registry (DTR) nodes must be disabled in Docker Enterprise. | CONFIGURATION MANAGEMENT |
| DKER-EE-001910 - Periodic data usage and analytics reporting in Universal Control Plane (UCP) must be disabled in Docker Enterprise. | CONFIGURATION MANAGEMENT |
| DKER-EE-002180 - SAML integration must be enabled in Docker Enterprise. | IDENTIFICATION AND AUTHENTICATION |
| DKER-EE-002490 - The Lifetime Minutes and Renewal Threshold Minutes Login Session Controls must be set to 10 and 0 respectively in Docker Enterprise - lifetime_minutes | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| DKER-EE-002490 - The Lifetime Minutes and Renewal Threshold Minutes Login Session Controls must be set to 10 and 0 respectively in Docker Enterprise - renewal_threshold_minutes | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| DKER-EE-002970 - The Docker Enterprise per user limit login session control must be set per the requirements in the System Security Plan (SSP). | ACCESS CONTROL |
| DKER-EE-003590 - Content Trust enforcement must be enabled in Universal Control Plane (UCP) in Docker Enterprise. | CONFIGURATION MANAGEMENT |
| DKER-EE-003920 - Universal Control Plane (UCP) must be integrated with a trusted certificate authority (CA) in Docker Enterprise. | SYSTEM AND COMMUNICATIONS PROTECTION |
| DKER-EE-004370 - Docker Content Trust enforcement must be enabled in Universal Control Plane (UCP). | SYSTEM AND INFORMATION INTEGRITY |
| DKER-EE-006190 - Docker Enterprise Universal Control Plane (UCP) must be integrated with a trusted certificate authority (CA). | IDENTIFICATION AND AUTHENTICATION |
| DKER-EE-006280 - Docker Enterprise Universal Control Plane (UCP) must be configured to use TLS 1.2. | ACCESS CONTROL |
