STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Docker Enterprise 2.x Linux/UNIX Security Technical Implementation Guide

V-235849

CAT II (Medium)

Docker Enterprise Swarm manager auto-lock key must be rotated periodically.

Rule ID

SV-235849r961863_rule

STIG

Docker Enterprise 2.x Linux/UNIX Security Technical Implementation Guide

Version

V2R2

CCIs

CCI-000366

Discussion

Rotate swarm manager auto-lock key periodically. Swarm manager auto-lock key is not automatically rotated. Rotate them periodically as a best practice. By default, keys are not rotated automatically.

Check Content

Interview the system administrator to identify the key rotation process. Determine if there is a key rotation record and if the keys are rotated at a pre-defined frequency.

If the swarm manager auto-lock key is not rotated on a regular basis, this is a finding.

Fix Text

Run the below command to rotate the keys.

docker swarm unlock-key --rotate

Additionally, to facilitate audit for this recommendation, maintain key rotation records and ensure that a pre-defined frequency for key rotation is established.