Security Concerns a DevOps Engineer Should Always Keep in Mind When Using Docker

Kushal Vithalani
1 min read · Jun 1, 2023

  1. Always keep your base images up to date so that you pick up the fixes for known vulnerabilities and bugs that ship in the latest release.
  2. Never store secrets in a Dockerfile. Developers sometimes leave AWS access keys and secret keys, API keys, or other secrets inside images. If attackers obtain these keys, they can exploit them. Regardless of the environment, make it a habit to keep secrets in a vault or otherwise outside the image, and provide them dynamically at runtime as needed.
  3. Scan your Docker image. Perform a thorough vulnerability scan using tools like Clair, Dagda, etc. to identify any potential risks within your Docker image.
  4. Continuous monitoring: always set up a monitoring tool to identify any vulnerabilities in the image, so that they can be caught and the necessary action taken swiftly.
  5. Rootless containers: there are very few cases where a Docker container needs to run as root. It is a Dockerfile best practice to avoid doing that, so don't forget to include the USER instruction to change the default effective UID to a non-root user.
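
Points 2 and 5 can be checked automatically before an image is built. The following is an added example, not the author's code: a small Dockerfile audit that flags hardcoded secrets and a final build stage that runs as root. The regex heuristics, rule names and sample Dockerfiles are assumptions constructed for this illustration.

```python
import re

AWS_KEY_ID = re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b")  # shape of an AWS access key ID
# Credential-looking variable names with a value (heuristic list assumed for this example).
SECRET_NAME = re.compile(r"\w*(?:secret|passw(?:or)?d|token|api_?key)\w*[= ]\s*\S+", re.I)

def instructions(text):
    """Yield (first_line_no, instruction); joins backslash continuations, skips comments."""
    buf, start = "", 0
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        start = start if buf else no
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        yield start, buf + line
        buf = ""

def audit_dockerfile(text):
    """Return [(line_no, rule)] for hardcoded secrets and a final stage running as root."""
    findings, user, stage_line = [], None, 0
    for no, line in instructions(text):
        keyword, _, rest = line.partition(" ")
        keyword = keyword.upper()
        if keyword == "FROM":      # each build stage starts as its base image's user
            user, stage_line = None, no
        elif keyword == "USER":
            user = rest.strip().split(":")[0]
        elif AWS_KEY_ID.search(rest) or (keyword in ("ENV", "ARG") and SECRET_NAME.search(rest)):
            findings.append((no, "hardcoded-secret"))
    if user in (None, "root", "0"):  # assumption: no USER means the image default, root
        findings.append((stage_line, "runs-as-root"))
    return findings

# Constructed samples; the key values are placeholders, not real credentials.
BAD = """FROM python:3.12-slim
ENV AWS_ACCESS_KEY_ID=AKIAEXAMPLEEXAMPLE00
ENV AWS_SECRET_ACCESS_KEY=placeholder-not-a-real-key
CMD ["python", "/app/main.py"]
"""
GOOD = """FROM python:3.12-slim
RUN useradd --uid 10001 --create-home app
USER 10001
CMD ["python", "/app/main.py"]
"""
if __name__ == "__main__":
    print("BAD:", audit_dockerfile(BAD), "GOOD:", audit_dockerfile(GOOD))
```

A base image may already set a non-root USER, which this check cannot see, so a "runs-as-root" finding on a Dockerfile without USER is a prompt to verify rather than proof.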

These are some of the things one must always keep in mind when working with Docker.

Thank you and Happy Learning😃
