diff --git a/rules/k8s_audit_rules.yaml b/rules/k8s_audit_rules.yaml index 5a76e3cf..2af7b564 100644 --- a/rules/k8s_audit_rules.yaml +++ b/rules/k8s_audit_rules.yaml @@ -50,7 +50,8 @@ vertical_pod_autoscaler_users, cluster-autoscaler, "system:addon-manager", - "cloud-controller-manager" + "cloud-controller-manager", + "eks:node-manager" ] - rule: Disallowed K8s User