diff --git a/rules/k8s_audit_rules.yaml b/rules/k8s_audit_rules.yaml
index 08f18f57..a783dcf6 100644
--- a/rules/k8s_audit_rules.yaml
+++ b/rules/k8s_audit_rules.yaml
@@ -39,8 +39,9 @@
   condition: (jevt.value[/stage]=ResponseStarted)
 
 # If you wish to restrict activity to a specific set of users, override/append to this list.
+# users created by kops are included
 - list: allowed_k8s_users
-  items: ["minikube", "minikube-user", "kubelet", "kops"]
+  items: ["minikube", "minikube-user", "kubelet", "kops", "admin", "kube", "kube-proxy"]
 
 - rule: Disallowed K8s User
   desc: Detect any k8s operation by users outside of an allowed set of users.