From 9ea195a0b7effbb7c27e6e8c891101eb9016891d Mon Sep 17 00:00:00 2001
From: Lorenzo Fontana <fontanalorenz@gmail.com>
Date: Thu, 15 Oct 2020 18:00:27 +0200
Subject: [PATCH] macro(allowed_k8s_users): exclude cloud-controller-manage to
 avoid false positives on k3s

Signed-off-by: Lorenzo Fontana <fontanalorenz@gmail.com>
---
 rules/k8s_audit_rules.yaml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/rules/k8s_audit_rules.yaml b/rules/k8s_audit_rules.yaml
index 67e1b327..527525f5 100644
--- a/rules/k8s_audit_rules.yaml
+++ b/rules/k8s_audit_rules.yaml
@@ -49,7 +49,8 @@
     "kubernetes-admin",
     vertical_pod_autoscaler_users,
     cluster-autoscaler,
-    "system:addon-manager"
+    "system:addon-manager",
+    "cloud-controller-manager"
     ]
 
 - rule: Disallowed K8s User