Rule updates 2019.02.v1 (falcosecurity#551)

* Let cassandra write to /root/.cassandra * Add kubelet/kops to allowed_k8s_users
leogr · Mar 9, 2019 · bdca603 · bdca603
1 parent 5630a36
commit bdca603
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/k8s_audit_rules.yaml b/k8s_audit_rules.yaml
@@ -34,7 +34,7 @@
 
 # If you wish to restrict activity to a specific set of users, override/append to this list.
 - list: allowed_k8s_users
-  items: ["minikube", "minikube-user"]
+  items: ["minikube", "minikube-user", "kubelet", "kops"]
 
 - rule: Disallowed K8s User
   desc: Detect any k8s operation by users outside of an allowed set of users.