A user for the container has not been created

Description

The policy's primary purpose is to verify that a dedicated user has been explicitly created for running the container. This is essential to avoid running the container with root privileges, which could introduce significant security risks in case of a compromise. Running containers as a non-root user reduces the potential impact of a security breach.

Code Example

dockerfile

FROM base

+ RUN useradd -m appuser
+ USER appuser

Remediation

Docker

Rule Details

Field	Value
ID	IAC-0836
Severity	LOW
IaC Type	dockerfile
Frameworks	Docker
Checkov ID	CKV_DOCKER_3

References

Checkov Rule

Overview

SAST (Application Security)

SCA (Dependencies)

Secrets Detection

IaC Security

License Compliance

SAST Rules

IaC Rules

License Rules

A user for the container has not been created

Description

Code Example

Remediation

Rule Details

References

SAST Rules

IaC Rules

License Rules

A user for the container has not been created ​

Description ​

Code Example ​

Remediation ​

Rule Details ​

References ​

A user for the container has not been created

Description

Code Example

Remediation

Rule Details

References