turbot/docker_compliance
GitHub
Loading controls...

Control: 2.16 Ensure Userland Proxy is Disabled

Description

The Docker daemon starts a userland proxy service for port forwarding whenever a port is exposed. Where hairpin NAT is available, this service is generally superfluous to requirements and can be disabled.

Usage

Run the control in your terminal:

steampipe check docker_compliance.control.cis_v160_2_16

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share docker_compliance.control.cis_v160_2_16

SQL

This control uses a named query:

exec_userland_proxy_disabled

Tags