hardening-docker-daemon-configuration
Community
Harden Docker daemon security safely.
Legal & Compliance
#docker #tls #security-audit #cis-benchmark #daemon-hardening #userns-remap #docker-bench-security
Author: riandeoliveira
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This Skill helps you reduce the attack surface of the Docker daemon by hardening daemon.json and related security controls, preventing common privilege-escalation and container-breakout risks.
Core Features & Use Cases
- CIS-aligned daemon.json hardening: Applies key settings such as userns-remap, no-new-privileges, logging controls, and inter-container communication restrictions.
- Remote API protection with TLS: Generates CA/server/client certificates and configures tls, tlsverify, and certificate paths to secure TCP access.
- Security validation and auditing: Uses included Python audit scripts to check daemon configuration and Docker socket/file permissions against benchmark expectations.
- Operational hardening options: Covers rootless mode, seccomp/AppArmor guidance, content trust, and Docker Bench verification for ongoing compliance.
Quick Start
Use the hardening-docker-daemon-configuration Skill to audit your current Docker daemon configuration against CIS recommendations and output a remediation-ready hardening report.
Dependency Matrix
Required Modules
json, os, subprocess, argparse, pathlib, datetime, timezone, stat, auditctl
Components
scripts, references, assets
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: hardening-docker-daemon-configuration Download link: https://github.com/riandeoliveira/aspnet-template/archive/main.zip#hardening-docker-daemon-configuration Please download this .zip file, extract it, and install it in the .claude/skills/ directory.