Implement rules for CIS OCP Section 5.5

Now that we have a profile and control files for CIS 1.4.0, we can start wiring up the existing rules. This commit ports all the existing rules we were using for the CIS OpenShift profile into the CIS 1.4.0 version.
ComplianceAsCode · Jul 13, 2023 · 18c9821 · 18c9821
1 parent 764feb4
commit 18c9821
Showing 1 changed file with 7 additions and 4 deletions.
diff --git a/controls/cis_ocp_1_4_0/section-5.yml b/controls/cis_ocp_1_4_0/section-5.yml
@@ -126,14 +126,17 @@ controls:
       levels: level_2
   - id: '5.5'
     title: Extensible Admission Control
-    status: pending
+    status: automated
     rules: []
     controls:
     - id: 5.5.1
       title: Configure Image Provenance using image controller configuration parameters
-      status: pending
-      rules: []
-      levels: level_2
+      status: automated
+      rules:
+        - ocp_allowed_registries
+        - ocp_allowed_registries_for_import
+        - ocp_insecure_registries
+      level: level_2
   - id: '5.7'
     title: General Policies
     status: partial