
V-233028

CAT II (Medium)

Least privilege access and need-to-know must be required to access the container platform keystore.

Rule ID

SV-233028r1137640_rule

STIG

Container Platform Security Requirements Guide

Version

V2R4

CCIs

CCI-000213

Discussion

The container platform keystore is used to store access keys and tokens for trusted access to and from the container platform. The keystore gives the container platform a method to store confidential data securely and to encrypt the data at rest. If this data is not protected through access controls, it can be used to access trusted sources as the container platform, breaking the trusted relationship. To prevent unauthorized access to the keystore, the container platform must have access controls in place that allow access only to those individuals with keystore duties. This requirement also applies to Zero Trust initiatives.

Check Content

Review the container platform to determine if only those individuals with keystore duties have access to the container platform keystore.

If users who do not have keystore duties have access to the container platform keystore, this is a finding.

Fix Text

Configure the container platform to use least privilege and need-to-know when granting access to the container keystore. This fix ensures the proper roles and permissions are configured.
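
One way to automate the review in Check Content, as an added example that is not part of the STIG text: it assumes the container platform is Kubernetes, that the keystore is the Secrets API, and that RBAC objects have been exported as dictionaries. All role names, subjects and the `AUTHORIZED` roster are constructed for illustration.

```python
# Added example. Constructed sample data in Kubernetes RBAC object shape (assumed platform).
def grants_secret_access(role):
    """True if any rule in the role grants any verb on core-group Secrets."""
    for rule in role.get("rules", []):
        if ({"secrets", "*"} & set(rule.get("resources", []))
                and {"", "*"} & set(rule.get("apiGroups", []))
                and rule.get("verbs")):
            return True
    return False

def keystore_findings(roles, bindings, authorized):
    """Return (subject, scope, role) for bound subjects lacking keystore duties."""
    index = {}
    for r in roles:
        ns = r["metadata"].get("namespace") if r["kind"] == "Role" else None
        index[(r["kind"], ns, r["metadata"]["name"])] = r
    findings = []
    for b in bindings:
        ref, b_ns = b["roleRef"], b["metadata"].get("namespace")
        role = index.get((ref["kind"], b_ns if ref["kind"] == "Role" else None, ref["name"]))
        if role is None or not grants_secret_access(role):
            continue
        scope = b_ns if b["kind"] == "RoleBinding" else "<cluster-wide>"
        for s in b.get("subjects", []):
            subject = f'{s["kind"]}:{s["name"]}'
            if subject not in authorized:
                findings.append((subject, scope, ref["name"]))
    return sorted(findings)

def _role(kind, name, resources, verbs, ns=None):
    return {"kind": kind, "metadata": {"name": name, "namespace": ns},
            "rules": [{"apiGroups": [""], "resources": resources, "verbs": verbs}]}

def _binding(kind, name, ref_kind, ref_name, subjects, ns=None):
    return {"kind": kind, "metadata": {"name": name, "namespace": ns},
            "roleRef": {"kind": ref_kind, "name": ref_name},
            "subjects": [{"kind": k, "name": n} for k, n in subjects]}

ROLES = [_role("ClusterRole", "secret-admin", ["secrets"], ["*"]),
         _role("Role", "app-reader", ["pods", "secrets"], ["get", "list"], ns="payments"),
         _role("ClusterRole", "pod-viewer", ["pods"], ["get"])]
BINDINGS = [
    _binding("ClusterRoleBinding", "keystore-admins", "ClusterRole", "secret-admin",
             [("User", "alice"), ("Group", "dev-team")]),
    _binding("RoleBinding", "payments-app", "Role", "app-reader",
             [("ServiceAccount", "payments-api"), ("User", "bob")], ns="payments"),
    _binding("RoleBinding", "viewers", "ClusterRole", "pod-viewer",
             [("User", "carol")], ns="payments")]
AUTHORIZED = {"User:alice", "ServiceAccount:payments-api"}  # hypothetical duty roster
FINDINGS = keystore_findings(ROLES, BINDINGS, AUTHORIZED)
```

Each tuple in `FINDINGS` is a subject that can reach Secrets without being on the roster. The sketch does not expand group membership, aggregated ClusterRoles or `resourceNames` restrictions, so those still need manual review.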