From 6bdcf0cb9f8c375d0fd0f42a62d65ea41ccc14b0 Mon Sep 17 00:00:00 2001 From: Avanti19 <49921401+Avanti19@users.noreply.github.com> Date: Tue, 9 Mar 2021 15:43:43 +0530 Subject: [PATCH] Terrascan K8s New categories and ruleRef ID changes (#583) * adding terrascan changes * changing ref id * adding correct refid * updated reference id * adding updated rule reference id * updating erverity * updating cetegories * updated rule reference id * updating rule ref id Co-authored-by: apple --- .../{AC-K8-NS-IN-H-0020.json => AC-K8-IS-IN-M-0002.json} | 6 +++--- .../{AC-K8-OE-NS-L-0128.json => AC-K8-SP-NS-L-0013.json} | 4 ++-- ...rics.kubernetes.OPS.460.json => AC-K8-SP-NS-L-0259.json} | 4 ++-- ...rics.kubernetes.OPS.461.json => AC-K8-SP-NS-L-0461.json} | 4 ++-- ...rics.kubernetes.OPS.462.json => AC-K8-SP-NS-L-0462.json} | 4 ++-- .../{AC-K8-OE-PK-M-0034.json => AC-K8-CV-PK-M-0021.json} | 4 ++-- .../{AC-K8-CA-PO-H-0165.json => AC-K8-CV-PO-H-0085.json} | 4 ++-- .../{AC-K8-DS-PO-M-0176.json => AC-K8-DP-PO-M-0067.json} | 4 ++-- .../{AC-K8-DS-PO-M-0177.json => AC-K8-DP-PO-M-0071.json} | 4 ++-- .../{AC-K8-IA-PO-M-0105.json => AC-K8-IA-PK-M-0045.json} | 2 +- .../{AC-K8-IA-PO-H-0106.json => AC-K8-IA-PO-H-0046.json} | 2 +- .../{AC-K8-IA-PO-H-0138.json => AC-K8-IA-PO-H-0076.json} | 2 +- .../{AC-K8-IA-PO-H-0168.json => AC-K8-IA-PO-H-0087.json} | 2 +- .../{AC-K8-IA-PO-M-0135.json => AC-K8-IA-PO-M-0073.json} | 2 +- .../{AC-K8-IA-PO-H-0137.json => AC-K8-IA-PO-M-0074.json} | 2 +- .../{AC-K8-IA-PO-M-0139.json => AC-K8-IA-PO-M-0077.json} | 2 +- .../{AC-K8-IA-PO-M-0140.json => AC-K8-IA-PO-M-0078.json} | 2 +- .../{AC-K8-IA-PO-M-0141.json => AC-K8-IA-PO-M-0080.json} | 2 +- .../{AC-K8-IA-PO-M-0143.json => AC-K8-IA-PO-M-0081.json} | 2 +- .../{AC-K8-IA-PO-M-0162.json => AC-K8-IA-PO-M-0082.json} | 2 +- .../{AC-K8-IA-PS-M-0112.json => AC-K8-IA-PS-M-0048.json} | 2 +- .../{AC-K8-NS-PO-H-0117.json => AC-K8-IS-PO-H-0051.json} | 4 ++-- .../{AC-K8-NS-PO-M-0122.json => AC-K8-IS-PO-M-0064.json} | 4 ++-- .../{AC-K8-NS-PO-M-0133.json => AC-K8-IS-PO-M-0069.json} | 4 ++-- .../{AC-K8-NS-PO-H-0170.json => AC-K8-IS-PO-M-0075.json} | 6 +++--- .../{AC-K8-NS-PO-M-0182.json => AC-K8-IS-PO-M-0079.json} | 4 ++-- .../{AC-K8-NS-PO-M-0163.json => AC-K8-IS-PO-M-0083.json} | 4 ++-- .../{AC-K8-NS-PO-M-0164.json => AC-K8-IS-PO-M-0084.json} | 4 ++-- .../{AC-K8-NS-PO-M-0171.json => AC-K8-IS-PO-M-0088.json} | 4 ++-- .../{AC-K8-OE-PK-M-0155.json => AC-K8-SP-PK-M-0097.json} | 4 ++-- .../{AC-K8-OE-PK-M-0156.json => AC-K8-SP-PK-M-0098.json} | 4 ++-- .../{AC-K8-OE-PK-M-0157.json => AC-K8-SP-PK-M-0099.json} | 4 ++-- .../{AC-K8-OE-PK-M-0158.json => AC-K8-SP-PK-M-0100.json} | 4 ++-- .../{AC-K8-OE-PO-M-0166.json => AC-K8-SP-PO-H-0086.json} | 6 +++--- .../{AC-K8-OE-PO-L-0134.json => AC-K8-SP-PO-L-0068.json} | 4 ++-- .../{AC-K8-OE-PO-L-0129.json => AC-K8-SP-PO-L-0070.json} | 4 ++-- .../{AC-K8-OE-PO-L-0130.json => AC-K8-SP-PO-L-0072.json} | 4 ++-- ...urics.kubernetes.IAM.73.json => AC-K8-IA-PK-M-0073.json} | 2 +- ...urics.kubernetes.IAM.74.json => AC-K8-IA-PK-M-0074.json} | 2 +- ...urics.kubernetes.IAM.75.json => AC-K8-IA-PK-M-0075.json} | 2 +- ...urics.kubernetes.IAM.76.json => AC-K8-IA-PK-M-0076.json} | 2 +- ...urics.kubernetes.IAM.77.json => AC-K8-IA-PK-M-0077.json} | 2 +- ...urics.kubernetes.IAM.78.json => AC-K8-IA-PK-M-0078.json} | 2 +- ...urics.kubernetes.IAM.79.json => AC-K8-IA-PK-M-0079.json} | 2 +- ...urics.kubernetes.IAM.80.json => AC-K8-IA-PK-M-0080.json} | 2 +- ...urics.kubernetes.IAM.81.json => AC-K8-IA-PK-M-0081.json} | 2 +- ...urics.kubernetes.IAM.82.json => AC-K8-IA-PK-M-0082.json} | 2 +- ...urics.kubernetes.IAM.83.json => AC-K8-IA-PK-M-0083.json} | 2 +- ...urics.kubernetes.IAM.84.json => AC-K8-IA-PK-M-0084.json} | 2 +- ...urics.kubernetes.IAM.85.json => AC-K8-IA-PK-M-0085.json} | 2 +- ...urics.kubernetes.IAM.86.json => AC-K8-IA-PK-M-0086.json} | 2 +- ...urics.kubernetes.IAM.87.json => AC-K8-IA-PK-M-0087.json} | 2 +- ...urics.kubernetes.IAM.88.json => AC-K8-IA-PK-M-0088.json} | 2 +- ...rics.kubernetes.IAM.105.json => AC-K8-IA-AC-M-0105.json} | 2 +- ...rics.kubernetes.IAM.106.json => AC-K8-IA-AC-M-0106.json} | 2 +- ...rics.kubernetes.IAM.107.json => AC-K8-IA-AC-M-0107.json} | 2 +- ...rics.kubernetes.IAM.108.json => AC-K8-IA-AC-M-0108.json} | 2 +- ...rics.kubernetes.IAM.109.json => AC-K8-IA-AC-M-0109.json} | 2 +- ...rics.kubernetes.IAM.110.json => AC-K8-IA-AC-M-0110.json} | 2 +- ...rics.kubernetes.IAM.111.json => AC-K8-IA-AC-M-0111.json} | 2 +- ...rics.kubernetes.IAM.112.json => AC-K8-IA-AC-M-0112.json} | 2 +- ...rics.kubernetes.IAM.113.json => AC-K8-IA-AC-M-0113.json} | 2 +- ...rics.kubernetes.IAM.114.json => AC-K8-IA-AC-M-0114.json} | 2 +- ...rics.kubernetes.IAM.115.json => AC-K8-IA-AC-M-0115.json} | 2 +- ...rics.kubernetes.IAM.116.json => AC-K8-IA-AC-M-0116.json} | 2 +- ...rics.kubernetes.IAM.117.json => AC-K8-IA-AC-M-0117.json} | 2 +- ...rics.kubernetes.IAM.118.json => AC-K8-IA-AC-M-0118.json} | 2 +- ...rics.kubernetes.IAM.119.json => AC-K8-IA-AC-M-0119.json} | 2 +- ...rics.kubernetes.IAM.120.json => AC-K8-IA-AC-M-0120.json} | 2 +- ...urics.kubernetes.EKM.57.json => AC-K8-DP-PO-H-0057.json} | 4 ++-- ...urics.kubernetes.EKM.58.json => AC-K8-DP-PO-H-0058.json} | 4 ++-- ...urics.kubernetes.EKM.59.json => AC-K8-DP-PO-H-0059.json} | 4 ++-- ...urics.kubernetes.EKM.60.json => AC-K8-DP-PO-H-0060.json} | 4 ++-- ...urics.kubernetes.EKM.61.json => AC-K8-DP-PO-H-0061.json} | 4 ++-- ...urics.kubernetes.EKM.62.json => AC-K8-DP-PO-H-0062.json} | 4 ++-- ...urics.kubernetes.EKM.63.json => AC-K8-DP-PO-H-0063.json} | 4 ++-- ...urics.kubernetes.EKM.64.json => AC-K8-DP-PO-H-0064.json} | 4 ++-- ...urics.kubernetes.EKM.65.json => AC-K8-DP-PO-H-0065.json} | 4 ++-- ...urics.kubernetes.EKM.66.json => AC-K8-DP-PO-H-0066.json} | 4 ++-- ...urics.kubernetes.EKM.67.json => AC-K8-DP-PO-H-0067.json} | 4 ++-- ...urics.kubernetes.EKM.68.json => AC-K8-DP-PO-H-0068.json} | 4 ++-- ...urics.kubernetes.EKM.69.json => AC-K8-DP-PO-H-0069.json} | 4 ++-- ...urics.kubernetes.EKM.70.json => AC-K8-DP-PO-H-0070.json} | 4 ++-- ...urics.kubernetes.EKM.71.json => AC-K8-DP-PO-H-0071.json} | 4 ++-- ...urics.kubernetes.EKM.72.json => AC-K8-DP-PO-H-0072.json} | 4 ++-- .../{AC-K8-IA-RO-H-0104.json => AC-K8-IA-RO-H-0191.json} | 2 +- .../{AC-K8-NS-SV-L-0132.json => AC-K8-IS-SE-L-0111.json} | 4 ++-- .../{AC-K8-NS-SE-M-0185.json => AC-K8-IS-SE-M-0110.json} | 4 ++-- .../{AC-K8-NS-SE-M-0188.json => AC-K8-IS-SE-M-0112.json} | 4 ++-- .../{AC-K8-NS-SE-M-0188.json => AC-K8-IS-SE-M-0112.json} | 4 ++-- 90 files changed, 138 insertions(+), 138 deletions(-) rename pkg/policies/opa/rego/k8s/kubernetes_ingress/{AC-K8-NS-IN-H-0020.json => AC-K8-IS-IN-M-0002.json} (70%) rename pkg/policies/opa/rego/k8s/kubernetes_namespace/{AC-K8-OE-NS-L-0128.json => AC-K8-SP-NS-L-0013.json} (76%) rename pkg/policies/opa/rego/k8s/kubernetes_namespace/{accurics.kubernetes.OPS.460.json => AC-K8-SP-NS-L-0259.json} (80%) rename pkg/policies/opa/rego/k8s/kubernetes_namespace/{accurics.kubernetes.OPS.461.json => AC-K8-SP-NS-L-0461.json} (80%) rename pkg/policies/opa/rego/k8s/kubernetes_namespace/{accurics.kubernetes.OPS.462.json => AC-K8-SP-NS-L-0462.json} (80%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-OE-PK-M-0034.json => AC-K8-CV-PK-M-0021.json} (83%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-CA-PO-H-0165.json => AC-K8-CV-PO-H-0085.json} (86%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-DS-PO-M-0176.json => AC-K8-DP-PO-M-0067.json} (79%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-DS-PO-M-0177.json => AC-K8-DP-PO-M-0071.json} (78%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-IA-PO-M-0105.json => AC-K8-IA-PK-M-0045.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-IA-PO-H-0106.json => AC-K8-IA-PO-H-0046.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-IA-PO-H-0138.json => AC-K8-IA-PO-H-0076.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-IA-PO-H-0168.json => AC-K8-IA-PO-H-0087.json} (92%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-IA-PO-M-0135.json => AC-K8-IA-PO-M-0073.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-IA-PO-H-0137.json => AC-K8-IA-PO-M-0074.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-IA-PO-M-0139.json => AC-K8-IA-PO-M-0077.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-IA-PO-M-0140.json => AC-K8-IA-PO-M-0078.json} (93%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-IA-PO-M-0141.json => AC-K8-IA-PO-M-0080.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-IA-PO-M-0143.json => AC-K8-IA-PO-M-0081.json} (93%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-IA-PO-M-0162.json => AC-K8-IA-PO-M-0082.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-IA-PS-M-0112.json => AC-K8-IA-PS-M-0048.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-NS-PO-H-0117.json => AC-K8-IS-PO-H-0051.json} (79%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-NS-PO-M-0122.json => AC-K8-IS-PO-M-0064.json} (78%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-NS-PO-M-0133.json => AC-K8-IS-PO-M-0069.json} (79%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-NS-PO-H-0170.json => AC-K8-IS-PO-M-0075.json} (70%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-NS-PO-M-0182.json => AC-K8-IS-PO-M-0079.json} (78%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-NS-PO-M-0163.json => AC-K8-IS-PO-M-0083.json} (79%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-NS-PO-M-0164.json => AC-K8-IS-PO-M-0084.json} (80%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-NS-PO-M-0171.json => AC-K8-IS-PO-M-0088.json} (82%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-OE-PK-M-0155.json => AC-K8-SP-PK-M-0097.json} (85%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-OE-PK-M-0156.json => AC-K8-SP-PK-M-0098.json} (84%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-OE-PK-M-0157.json => AC-K8-SP-PK-M-0099.json} (85%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-OE-PK-M-0158.json => AC-K8-SP-PK-M-0100.json} (85%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-OE-PO-M-0166.json => AC-K8-SP-PO-H-0086.json} (69%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-OE-PO-L-0134.json => AC-K8-SP-PO-L-0068.json} (79%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-OE-PO-L-0129.json => AC-K8-SP-PO-L-0070.json} (82%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/{AC-K8-OE-PO-L-0130.json => AC-K8-SP-PO-L-0072.json} (82%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/{accurics.kubernetes.IAM.73.json => AC-K8-IA-PK-M-0073.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/{accurics.kubernetes.IAM.74.json => AC-K8-IA-PK-M-0074.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/{accurics.kubernetes.IAM.75.json => AC-K8-IA-PK-M-0075.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/{accurics.kubernetes.IAM.76.json => AC-K8-IA-PK-M-0076.json} (89%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/{accurics.kubernetes.IAM.77.json => AC-K8-IA-PK-M-0077.json} (89%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/{accurics.kubernetes.IAM.78.json => AC-K8-IA-PK-M-0078.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/{accurics.kubernetes.IAM.79.json => AC-K8-IA-PK-M-0079.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/{accurics.kubernetes.IAM.80.json => AC-K8-IA-PK-M-0080.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/{accurics.kubernetes.IAM.81.json => AC-K8-IA-PK-M-0081.json} (89%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/{accurics.kubernetes.IAM.82.json => AC-K8-IA-PK-M-0082.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/{accurics.kubernetes.IAM.83.json => AC-K8-IA-PK-M-0083.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/{accurics.kubernetes.IAM.84.json => AC-K8-IA-PK-M-0084.json} (89%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/{accurics.kubernetes.IAM.85.json => AC-K8-IA-PK-M-0085.json} (89%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/{accurics.kubernetes.IAM.86.json => AC-K8-IA-PK-M-0086.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/{accurics.kubernetes.IAM.87.json => AC-K8-IA-PK-M-0087.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/{accurics.kubernetes.IAM.88.json => AC-K8-IA-PK-M-0088.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/{accurics.kubernetes.IAM.105.json => AC-K8-IA-AC-M-0105.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/{accurics.kubernetes.IAM.106.json => AC-K8-IA-AC-M-0106.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/{accurics.kubernetes.IAM.107.json => AC-K8-IA-AC-M-0107.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/{accurics.kubernetes.IAM.108.json => AC-K8-IA-AC-M-0108.json} (89%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/{accurics.kubernetes.IAM.109.json => AC-K8-IA-AC-M-0109.json} (89%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/{accurics.kubernetes.IAM.110.json => AC-K8-IA-AC-M-0110.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/{accurics.kubernetes.IAM.111.json => AC-K8-IA-AC-M-0111.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/{accurics.kubernetes.IAM.112.json => AC-K8-IA-AC-M-0112.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/{accurics.kubernetes.IAM.113.json => AC-K8-IA-AC-M-0113.json} (89%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/{accurics.kubernetes.IAM.114.json => AC-K8-IA-AC-M-0114.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/{accurics.kubernetes.IAM.115.json => AC-K8-IA-AC-M-0115.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/{accurics.kubernetes.IAM.116.json => AC-K8-IA-AC-M-0116.json} (89%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/{accurics.kubernetes.IAM.117.json => AC-K8-IA-AC-M-0117.json} (89%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/{accurics.kubernetes.IAM.118.json => AC-K8-IA-AC-M-0118.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/{accurics.kubernetes.IAM.119.json => AC-K8-IA-AC-M-0119.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/{accurics.kubernetes.IAM.120.json => AC-K8-IA-AC-M-0120.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/{accurics.kubernetes.EKM.57.json => AC-K8-DP-PO-H-0057.json} (81%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/{accurics.kubernetes.EKM.58.json => AC-K8-DP-PO-H-0058.json} (81%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/{accurics.kubernetes.EKM.59.json => AC-K8-DP-PO-H-0059.json} (81%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/{accurics.kubernetes.EKM.60.json => AC-K8-DP-PO-H-0060.json} (80%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/{accurics.kubernetes.EKM.61.json => AC-K8-DP-PO-H-0061.json} (80%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/{accurics.kubernetes.EKM.62.json => AC-K8-DP-PO-H-0062.json} (81%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/{accurics.kubernetes.EKM.63.json => AC-K8-DP-PO-H-0063.json} (81%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/{accurics.kubernetes.EKM.64.json => AC-K8-DP-PO-H-0064.json} (81%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/{accurics.kubernetes.EKM.65.json => AC-K8-DP-PO-H-0065.json} (81%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/{accurics.kubernetes.EKM.66.json => AC-K8-DP-PO-H-0066.json} (81%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/{accurics.kubernetes.EKM.67.json => AC-K8-DP-PO-H-0067.json} (81%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/{accurics.kubernetes.EKM.68.json => AC-K8-DP-PO-H-0068.json} (80%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/{accurics.kubernetes.EKM.69.json => AC-K8-DP-PO-H-0069.json} (80%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/{accurics.kubernetes.EKM.70.json => AC-K8-DP-PO-H-0070.json} (81%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/{accurics.kubernetes.EKM.71.json => AC-K8-DP-PO-H-0071.json} (81%) rename pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/{accurics.kubernetes.EKM.72.json => AC-K8-DP-PO-H-0072.json} (81%) rename pkg/policies/opa/rego/k8s/kubernetes_role/{AC-K8-IA-RO-H-0104.json => AC-K8-IA-RO-H-0191.json} (90%) rename pkg/policies/opa/rego/k8s/kubernetes_service/{AC-K8-NS-SV-L-0132.json => AC-K8-IS-SE-L-0111.json} (77%) rename pkg/policies/opa/rego/k8s/kubernetes_service/{AC-K8-NS-SE-M-0185.json => AC-K8-IS-SE-M-0110.json} (78%) rename pkg/policies/opa/rego/k8s/kubernetes_service/{AC-K8-NS-SE-M-0188.json => AC-K8-IS-SE-M-0112.json} (76%) rename pkg/policies/opa/rego/k8s/kubernetes_service/cve_2020_8554/{AC-K8-NS-SE-M-0188.json => AC-K8-IS-SE-M-0112.json} (78%) diff --git a/pkg/policies/opa/rego/k8s/kubernetes_ingress/AC-K8-NS-IN-H-0020.json b/pkg/policies/opa/rego/k8s/kubernetes_ingress/AC-K8-IS-IN-M-0002.json similarity index 70% rename from pkg/policies/opa/rego/k8s/kubernetes_ingress/AC-K8-NS-IN-H-0020.json rename to pkg/policies/opa/rego/k8s/kubernetes_ingress/AC-K8-IS-IN-M-0002.json index 30181cec1..d109d8ae9 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_ingress/AC-K8-NS-IN-H-0020.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_ingress/AC-K8-IS-IN-M-0002.json @@ -6,9 +6,9 @@ "prefix": "", "suffix": "" }, - "severity": "HIGH", + "severity": "MEDIUM", "description": "TLS disabled can affect the confidentiality of the data in transit", - "reference_id": "AC-K8-NS-IN-H-0020", - "category": "Network Security", + "reference_id": "AC-K8-IS-IN-M-0002", + "category": "Infrastructure Security", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_namespace/AC-K8-OE-NS-L-0128.json b/pkg/policies/opa/rego/k8s/kubernetes_namespace/AC-K8-SP-NS-L-0013.json similarity index 76% rename from pkg/policies/opa/rego/k8s/kubernetes_namespace/AC-K8-OE-NS-L-0128.json rename to pkg/policies/opa/rego/k8s/kubernetes_namespace/AC-K8-SP-NS-L-0013.json index 2cff9d315..68303fcfc 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_namespace/AC-K8-OE-NS-L-0128.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_namespace/AC-K8-SP-NS-L-0013.json @@ -8,7 +8,7 @@ }, "severity": "LOW", "description": "No owner for namespace affects the operations", - "reference_id": "AC-K8-OE-NS-L-0128", - "category": "Operational Efficiency", + "reference_id": "AC-K8-SP-NS-L-0013", + "category": "Security Best Practices", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_namespace/accurics.kubernetes.OPS.460.json b/pkg/policies/opa/rego/k8s/kubernetes_namespace/AC-K8-SP-NS-L-0259.json similarity index 80% rename from pkg/policies/opa/rego/k8s/kubernetes_namespace/accurics.kubernetes.OPS.460.json rename to pkg/policies/opa/rego/k8s/kubernetes_namespace/AC-K8-SP-NS-L-0259.json index 28bbe2b66..70ebacd16 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_namespace/accurics.kubernetes.OPS.460.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_namespace/AC-K8-SP-NS-L-0259.json @@ -10,7 +10,7 @@ }, "severity": "LOW", "description": "The default namespace should not be used", - "reference_id": "accurics.kubernetes.OPS.460", - "category": "Operational Efficiency", + "reference_id": "AC-K8-SP-NS-L-0259", + "category": "Security Best Practices", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_namespace/accurics.kubernetes.OPS.461.json b/pkg/policies/opa/rego/k8s/kubernetes_namespace/AC-K8-SP-NS-L-0461.json similarity index 80% rename from pkg/policies/opa/rego/k8s/kubernetes_namespace/accurics.kubernetes.OPS.461.json rename to pkg/policies/opa/rego/k8s/kubernetes_namespace/AC-K8-SP-NS-L-0461.json index 5d84bfdc9..36b50143d 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_namespace/accurics.kubernetes.OPS.461.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_namespace/AC-K8-SP-NS-L-0461.json @@ -10,7 +10,7 @@ }, "severity": "LOW", "description": "The default namespace should not be used", - "reference_id": "accurics.kubernetes.OPS.461", - "category": "Operational Efficiency", + "reference_id": "AC-K8-SP-NS-L-0461", + "category": "Security Best Practices", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_namespace/accurics.kubernetes.OPS.462.json b/pkg/policies/opa/rego/k8s/kubernetes_namespace/AC-K8-SP-NS-L-0462.json similarity index 80% rename from pkg/policies/opa/rego/k8s/kubernetes_namespace/accurics.kubernetes.OPS.462.json rename to pkg/policies/opa/rego/k8s/kubernetes_namespace/AC-K8-SP-NS-L-0462.json index 4425c4911..d1598f276 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_namespace/accurics.kubernetes.OPS.462.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_namespace/AC-K8-SP-NS-L-0462.json @@ -10,7 +10,7 @@ }, "severity": "LOW", "description": "The default namespace should not be used", - "reference_id": "accurics.kubernetes.OPS.462", - "category": "Operational Efficiency", + "reference_id": "AC-K8-SP-NS-L-0462", + "category": "Security Best Practices", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-OE-PK-M-0034.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-CV-PK-M-0021.json similarity index 83% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-OE-PK-M-0034.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-CV-PK-M-0021.json index 6340d311e..01b92aa22 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-OE-PK-M-0034.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-CV-PK-M-0021.json @@ -13,7 +13,7 @@ }, "severity": "MEDIUM", "description": "AlwaysPullImages plugin is not set", - "reference_id": "AC-K8-OE-PK-M-0034", - "category": "Operational Efficiency", + "reference_id": "AC-K8-CV-PK-M-0021", + "category": "Compliance Validation", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-CA-PO-H-0165.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-CV-PO-H-0085.json similarity index 86% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-CA-PO-H-0165.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-CV-PO-H-0085.json index 24409fb1c..a65cb3b42 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-CA-PO-H-0165.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-CV-PO-H-0085.json @@ -15,7 +15,7 @@ }, "severity": "HIGH", "description": "Containers Should Not Run with AllowPrivilegeEscalation", - "reference_id": "AC-K8-CA-PO-H-0165", - "category": "Cloud Assets Management", + "reference_id": "AC-K8-CV-PO-H-0085", + "category": "Compliance Validation", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-DS-PO-M-0176.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-DP-PO-M-0067.json similarity index 79% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-DS-PO-M-0176.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-DP-PO-M-0067.json index d0bff541c..b909dbc65 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-DS-PO-M-0176.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-DP-PO-M-0067.json @@ -8,7 +8,7 @@ }, "severity": "MEDIUM", "description": "Ensure Kubernetes Dashboard Is Not Deployed", - "reference_id": "AC-K8-DS-PO-M-0176", - "category": "Data Security", + "reference_id": "AC-K8-DP-PO-M-0067", + "category": "Data Protection", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-DS-PO-M-0177.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-DP-PO-M-0071.json similarity index 78% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-DS-PO-M-0177.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-DP-PO-M-0071.json index d8a40cc5e..4d4c09f33 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-DS-PO-M-0177.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-DP-PO-M-0071.json @@ -8,7 +8,7 @@ }, "severity": "MEDIUM", "description": "Ensure That Tiller (Helm V2) Is Not Deployed", - "reference_id": "AC-K8-DS-PO-M-0177", - "category": "Data Security", + "reference_id": "AC-K8-DP-PO-M-0071", + "category": "Data Protection", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0105.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PK-M-0045.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0105.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PK-M-0045.json index 6f9be71f1..f335224d3 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0105.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PK-M-0045.json @@ -8,7 +8,7 @@ }, "severity": "MEDIUM", "description": "Ensure that Service Account Tokens are only mounted where necessary", - "reference_id": "AC-K8-IA-PO-M-0105", + "reference_id": "AC-K8-IA-PK-M-0045", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-H-0106.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-H-0046.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-H-0106.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-H-0046.json index d07858d49..430abaccf 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-H-0106.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-H-0046.json @@ -8,7 +8,7 @@ }, "severity": "HIGH", "description": "Minimize the admission of privileged containers", - "reference_id": "AC-K8-IA-PO-H-0106", + "reference_id": "AC-K8-IA-PO-H-0046", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-H-0138.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-H-0076.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-H-0138.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-H-0076.json index 16cfd6d99..0cf19114d 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-H-0138.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-H-0076.json @@ -8,7 +8,7 @@ }, "severity": "HIGH", "description": "Allowing hostPaths to mount to Pod arise the probability of getting access to the node's filesystem", - "reference_id": "AC-K8-IA-PO-H-0138", + "reference_id": "AC-K8-IA-PO-H-0076", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-H-0168.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-H-0087.json similarity index 92% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-H-0168.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-H-0087.json index f7c9d5424..abddbd277 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-H-0168.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-H-0087.json @@ -15,7 +15,7 @@ }, "severity": "HIGH", "description": "Minimize Admission of Root Containers", - "reference_id": "AC-K8-IA-PO-H-0168", + "reference_id": "AC-K8-IA-PO-H-0087", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0135.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0073.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0135.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0073.json index d7befdd86..bf719fb95 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0135.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0073.json @@ -8,7 +8,7 @@ }, "severity": "MEDIUM", "description": "AppArmor profile not set to default or custom profile will make the container vulnerable to kernel level threats", - "reference_id": "AC-K8-IA-PO-M-0135", + "reference_id": "AC-K8-IA-PO-M-0073", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-H-0137.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0074.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-H-0137.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0074.json index 71f74c306..032ec36cd 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-H-0137.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0074.json @@ -8,7 +8,7 @@ }, "severity": "HIGH", "description": "Allowing the pod to make system level calls provide access to host/node sensitive information", - "reference_id": "AC-K8-IA-PO-H-0137", + "reference_id": "AC-K8-IA-PO-M-0074", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0139.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0077.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0139.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0077.json index 5a22d3f4e..9b7669111 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0139.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0077.json @@ -8,7 +8,7 @@ }, "severity": "MEDIUM", "description": "Unmasking the procMount will allow more information than is necessary to the program running in the containers spawned by k8s", - "reference_id": "AC-K8-IA-PO-M-0139", + "reference_id": "AC-K8-IA-PO-M-0077", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0140.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0078.json similarity index 93% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0140.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0078.json index 10fad68ae..accbdd95b 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0140.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0078.json @@ -15,7 +15,7 @@ }, "severity": "MEDIUM", "description": "Container images with readOnlyRootFileSystem set as false mounts the container root file system with write permissions", - "reference_id": "AC-K8-IA-PO-M-0140", + "reference_id": "AC-K8-IA-PO-M-0078", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0141.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0080.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0141.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0080.json index 5293c73bf..77c880628 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0141.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0080.json @@ -8,7 +8,7 @@ }, "severity": "MEDIUM", "description": "Default seccomp profile not enabled will make the container to make non-essential system calls", - "reference_id": "AC-K8-IA-PO-M-0141", + "reference_id": "AC-K8-IA-PO-M-0080", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0143.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0081.json similarity index 93% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0143.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0081.json index 07843f8bf..0bcaf1e9d 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0143.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0081.json @@ -16,7 +16,7 @@ }, "severity": "MEDIUM", "description": "Some volume types mount the host file system paths to the pod or container, thus increasing the chance of escaping the container to access the host", - "reference_id": "AC-K8-IA-PO-M-0143", + "reference_id": "AC-K8-IA-PO-M-0081", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0162.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0082.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0162.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0082.json index a98195db9..0d0c55405 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0162.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PO-M-0082.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Containers Should Not Share Host Process ID Namespace", - "reference_id": "AC-K8-IA-PO-M-0162", + "reference_id": "AC-K8-IA-PO-M-0082", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PS-M-0112.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PS-M-0048.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PS-M-0112.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PS-M-0048.json index 11f59e9a7..f65e0c681 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PS-M-0112.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IA-PS-M-0048.json @@ -9,7 +9,7 @@ }, "severity": "MEDIUM", "description": "Minimize the admission of containers with the NET_RAW capability", - "reference_id": "AC-K8-IA-PS-M-0112", + "reference_id": "AC-K8-IA-PS-M-0048", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-NS-PO-H-0117.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IS-PO-H-0051.json similarity index 79% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-NS-PO-H-0117.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IS-PO-H-0051.json index 23c8d904d..2c893a85d 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-NS-PO-H-0117.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IS-PO-H-0051.json @@ -8,7 +8,7 @@ }, "severity": "HIGH", "description": "Prefer using secrets as files over secrets as environment variables", - "reference_id": "AC-K8-NS-PO-H-0117", - "category": "Network Security", + "reference_id": "AC-K8-IS-PO-H-0051", + "category": "Infrastructure Security", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-NS-PO-M-0122.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IS-PO-M-0064.json similarity index 78% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-NS-PO-M-0122.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IS-PO-M-0064.json index 43ba2432f..73301eedd 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-NS-PO-M-0122.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IS-PO-M-0064.json @@ -8,7 +8,7 @@ }, "severity": "MEDIUM", "description": "Apply Security Context to Your Pods and Containers", - "reference_id": "AC-K8-NS-PO-M-0122", - "category": "Network Security", + "reference_id": "AC-K8-IS-PO-M-0064", + "category": "Infrastructure Security", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-NS-PO-M-0133.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IS-PO-M-0069.json similarity index 79% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-NS-PO-M-0133.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IS-PO-M-0069.json index 804a12ed4..e93e41024 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-NS-PO-M-0133.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IS-PO-M-0069.json @@ -8,7 +8,7 @@ }, "severity": "MEDIUM", "description": "Image without digest affects the integrity principle of image security", - "reference_id": "AC-K8-NS-PO-M-0133", - "category": "Network Security", + "reference_id": "AC-K8-IS-PO-M-0069", + "category": "Infrastructure Security", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-NS-PO-H-0170.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IS-PO-M-0075.json similarity index 70% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-NS-PO-H-0170.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IS-PO-M-0075.json index b211361a6..218d246e4 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-NS-PO-H-0170.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IS-PO-M-0075.json @@ -6,9 +6,9 @@ "prefix": "", "suffix": "" }, - "severity": "HIGH", + "severity": "MEDIUM", "description": "Do Not Use CAP_SYS_ADMIN Linux Capability", - "reference_id": "AC-K8-NS-PO-H-0170", - "category": "Network Security", + "reference_id": "AC-K8-IS-PO-M-0075", + "category": "Infrastructure Security", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-NS-PO-M-0182.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IS-PO-M-0079.json similarity index 78% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-NS-PO-M-0182.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IS-PO-M-0079.json index 224310674..08ad6b963 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-NS-PO-M-0182.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IS-PO-M-0079.json @@ -8,7 +8,7 @@ }, "severity": "MEDIUM", "description": "Containers Should Run as a High UID to Avoid Host Conflict", - "reference_id": "AC-K8-NS-PO-M-0182", - "category": "Network Security", + "reference_id": "AC-K8-IS-PO-M-0079", + "category": "Infrastructure Security", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-NS-PO-M-0163.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IS-PO-M-0083.json similarity index 79% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-NS-PO-M-0163.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IS-PO-M-0083.json index e96b364da..c6f2f4cef 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-NS-PO-M-0163.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IS-PO-M-0083.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Containers Should Not Share Host IPC Namespace", - "reference_id": "AC-K8-NS-PO-M-0163", - "category": "Network Security", + "reference_id": "AC-K8-IS-PO-M-0083", + "category": "Infrastructure Security", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-NS-PO-M-0164.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IS-PO-M-0084.json similarity index 80% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-NS-PO-M-0164.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IS-PO-M-0084.json index 5c893ce0b..9262a649a 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-NS-PO-M-0164.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IS-PO-M-0084.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Containers Should Not Share the Host Network Namespace", - "reference_id": "AC-K8-NS-PO-M-0164", - "category": "Network Security", + "reference_id": "AC-K8-IS-PO-M-0084", + "category": "Infrastructure Security", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-NS-PO-M-0171.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IS-PO-M-0088.json similarity index 82% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-NS-PO-M-0171.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IS-PO-M-0088.json index df493d82c..1d1a30b6e 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-NS-PO-M-0171.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-IS-PO-M-0088.json @@ -11,7 +11,7 @@ }, "severity": "MEDIUM", "description": "Restrict Mounting Docker Socket in a Container", - "reference_id": "AC-K8-NS-PO-M-0171", - "category": "Network Security", + "reference_id": "AC-K8-IS-PO-M-0088", + "category": "Infrastructure Security", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-OE-PK-M-0155.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-SP-PK-M-0097.json similarity index 85% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-OE-PK-M-0155.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-SP-PK-M-0097.json index aebef8612..fed6e5ef4 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-OE-PK-M-0155.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-SP-PK-M-0097.json @@ -15,7 +15,7 @@ }, "severity": "Medium", "description": "CPU Request Not Set in config file.", - "reference_id": "AC-K8-OE-PK-M-0155", - "category": "Operational Efficiency", + "reference_id": "AC-K8-SP-PK-M-0097", + "category": "Security Best Practices", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-OE-PK-M-0156.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-SP-PK-M-0098.json similarity index 84% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-OE-PK-M-0156.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-SP-PK-M-0098.json index c74835c6e..fc27ef7f7 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-OE-PK-M-0156.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-SP-PK-M-0098.json @@ -15,7 +15,7 @@ }, "severity": "Medium", "description": "CPU Limits Not Set in config file.", - "reference_id": "AC-K8-OE-PK-M-0156", - "category": "Operational Efficiency", + "reference_id": "AC-K8-SP-PK-M-0098", + "category": "Security Best Practices", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-OE-PK-M-0157.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-SP-PK-M-0099.json similarity index 85% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-OE-PK-M-0157.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-SP-PK-M-0099.json index 691b58895..6bea02bfe 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-OE-PK-M-0157.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-SP-PK-M-0099.json @@ -15,7 +15,7 @@ }, "severity": "Medium", "description": "Memory Request Not Set in config file.", - "reference_id": "AC-K8-OE-PK-M-0157", - "category": "Operational Efficiency", + "reference_id": "AC-K8-SP-PK-M-0099", + "category": "Security Best Practices", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-OE-PK-M-0158.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-SP-PK-M-0100.json similarity index 85% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-OE-PK-M-0158.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-SP-PK-M-0100.json index 7ab678c76..3c8ae7fff 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-OE-PK-M-0158.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-SP-PK-M-0100.json @@ -15,7 +15,7 @@ }, "severity": "Medium", "description": "Memory Limits Not Set in config file.", - "reference_id": "AC-K8-OE-PK-M-0158", - "category": "Operational Efficiency", + "reference_id": "AC-K8-SP-PK-M-0100", + "category": "Security Best Practices", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-OE-PO-M-0166.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-SP-PO-H-0086.json similarity index 69% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-OE-PO-M-0166.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-SP-PO-H-0086.json index 6e0c8fd97..6bf5ed20b 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-OE-PO-M-0166.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-SP-PO-H-0086.json @@ -6,9 +6,9 @@ "prefix": "", "suffix": "" }, - "severity": "MEDIUM", + "severity": "HIGH", "description": "Default Namespace Should Not be Used", - "reference_id": "AC-K8-OE-PO-M-0166", - "category": "Operational Efficiency", + "reference_id": "AC-K8-SP-PO-H-0086", + "category": "Security Best Practices", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-OE-PO-L-0134.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-SP-PO-L-0068.json similarity index 79% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-OE-PO-L-0134.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-SP-PO-L-0068.json index 83eec4e4d..c4833d54a 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-OE-PO-L-0134.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-SP-PO-L-0068.json @@ -8,7 +8,7 @@ }, "severity": "LOW", "description": "No tag or container image with :Latest tag makes difficult to rollback and track", - "reference_id": "AC-K8-OE-PO-L-0134", - "category": "Operational Efficiency", + "reference_id": "AC-K8-SP-PO-L-0068", + "category": "Security Best Practices", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-OE-PO-L-0129.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-SP-PO-L-0070.json similarity index 82% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-OE-PO-L-0129.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-SP-PO-L-0070.json index 9ce09380f..776e9bf67 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-OE-PO-L-0129.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-SP-PO-L-0070.json @@ -10,7 +10,7 @@ }, "severity": "LOW", "description": "No liveness probe will ensure there is no recovery in case of unexpected errors", - "reference_id": "AC-K8-OE-PO-L-0129", - "category": "Operational Efficiency", + "reference_id": "AC-K8-SP-PO-L-0070", + "category": "Security Best Practices", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-OE-PO-L-0130.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-SP-PO-L-0072.json similarity index 82% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-OE-PO-L-0130.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-SP-PO-L-0072.json index a0e4058fd..283112b01 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-OE-PO-L-0130.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/AC-K8-SP-PO-L-0072.json @@ -10,7 +10,7 @@ }, "severity": "LOW", "description": "No readiness probe will affect automatic recovery in case of unexpected errors", - "reference_id": "AC-K8-OE-PO-L-0130", - "category": "Operational Efficiency", + "reference_id": "AC-K8-SP-PO-L-0072", + "category": "Security Best Practices", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.73.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0073.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.73.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0073.json index 3a5ba1b5b..87377e2e8 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.73.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0073.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Pod has extra capabilities allowed", - "reference_id": "accurics.kubernetes.IAM.73", + "reference_id": "AC-K8-IA-PK-M-0073", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.74.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0074.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.74.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0074.json index 860d3a3a0..3694999df 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.74.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0074.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Pod has extra capabilities allowed", - "reference_id": "accurics.kubernetes.IAM.74", + "reference_id": "AC-K8-IA-PK-M-0074", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.75.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0075.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.75.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0075.json index a873dc584..18a38d41c 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.75.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0075.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Pod has extra capabilities allowed", - "reference_id": "accurics.kubernetes.IAM.75", + "reference_id": "AC-K8-IA-PK-M-0075", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.76.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0076.json similarity index 89% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.76.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0076.json index 497e12df1..10b516d88 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.76.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0076.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Pod has extra capabilities allowed", - "reference_id": "accurics.kubernetes.IAM.76", + "reference_id": "AC-K8-IA-PK-M-0076", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.77.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0077.json similarity index 89% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.77.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0077.json index 72f9f6971..16fd63da3 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.77.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0077.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Pod has extra capabilities allowed", - "reference_id": "accurics.kubernetes.IAM.77", + "reference_id": "AC-K8-IA-PK-M-0077", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.78.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0078.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.78.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0078.json index 2ec1d9e1f..c5d1b99e7 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.78.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0078.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Pod has extra capabilities allowed", - "reference_id": "accurics.kubernetes.IAM.78", + "reference_id": "AC-K8-IA-PK-M-0078", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.79.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0079.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.79.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0079.json index 0becff4f8..8102ea49d 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.79.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0079.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Pod has extra capabilities allowed", - "reference_id": "accurics.kubernetes.IAM.79", + "reference_id": "AC-K8-IA-PK-M-0079", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.80.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0080.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.80.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0080.json index 6c54f996b..1c16010c1 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.80.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0080.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Pod has extra capabilities allowed", - "reference_id": "accurics.kubernetes.IAM.80", + "reference_id": "AC-K8-IA-PK-M-0080", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.81.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0081.json similarity index 89% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.81.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0081.json index 8e8aebda8..926cb15f4 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.81.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0081.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Pod has extra capabilities allowed", - "reference_id": "accurics.kubernetes.IAM.81", + "reference_id": "AC-K8-IA-PK-M-0081", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.82.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0082.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.82.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0082.json index 9d06ffb02..99663c088 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.82.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0082.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Pod has extra capabilities allowed", - "reference_id": "accurics.kubernetes.IAM.82", + "reference_id": "AC-K8-IA-PK-M-0082", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.83.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0083.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.83.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0083.json index 0259e0256..b5226675b 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.83.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0083.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Pod has extra capabilities allowed", - "reference_id": "accurics.kubernetes.IAM.83", + "reference_id": "AC-K8-IA-PK-M-0083", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.84.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0084.json similarity index 89% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.84.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0084.json index 646842e5b..cefbbc28d 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.84.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0084.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Pod has extra capabilities allowed", - "reference_id": "accurics.kubernetes.IAM.84", + "reference_id": "AC-K8-IA-PK-M-0084", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.85.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0085.json similarity index 89% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.85.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0085.json index 59f98d1aa..066dfd1c6 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.85.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0085.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Pod has extra capabilities allowed", - "reference_id": "accurics.kubernetes.IAM.85", + "reference_id": "AC-K8-IA-PK-M-0085", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.86.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0086.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.86.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0086.json index 32ae92f81..066e22e01 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.86.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0086.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Pod has extra capabilities allowed", - "reference_id": "accurics.kubernetes.IAM.86", + "reference_id": "AC-K8-IA-PK-M-0086", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.87.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0087.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.87.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0087.json index b82fb1132..dcfd32be2 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.87.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0087.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Pod has extra capabilities allowed", - "reference_id": "accurics.kubernetes.IAM.87", + "reference_id": "AC-K8-IA-PK-M-0087", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.88.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0088.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.88.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0088.json index 33f7d06b3..107365bb0 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/accurics.kubernetes.IAM.88.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/allowed_capabilities/AC-K8-IA-PK-M-0088.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Pod has extra capabilities allowed", - "reference_id": "accurics.kubernetes.IAM.88", + "reference_id": "AC-K8-IA-PK-M-0088", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.105.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0105.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.105.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0105.json index 56545ab51..2c3e368a0 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.105.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0105.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Container does not have resource limitations defined", - "reference_id": "accurics.kubernetes.IAM.105", + "reference_id": "AC-K8-IA-AC-M-0105", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.106.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0106.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.106.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0106.json index 4d978019c..5ac054d18 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.106.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0106.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Container does not have resource limitations defined", - "reference_id": "accurics.kubernetes.IAM.106", + "reference_id": "AC-K8-IA-AC-M-0106", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.107.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0107.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.107.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0107.json index 46806550e..cf78e5802 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.107.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0107.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Container does not have resource limitations defined", - "reference_id": "accurics.kubernetes.IAM.107", + "reference_id": "AC-K8-IA-AC-M-0107", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.108.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0108.json similarity index 89% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.108.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0108.json index ce27d4bb3..93fb83768 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.108.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0108.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Container does not have resource limitations defined", - "reference_id": "accurics.kubernetes.IAM.108", + "reference_id": "AC-K8-IA-AC-M-0108", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.109.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0109.json similarity index 89% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.109.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0109.json index b740200ba..d6004c7c9 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.109.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0109.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Container does not have resource limitations defined", - "reference_id": "accurics.kubernetes.IAM.109", + "reference_id": "AC-K8-IA-AC-M-0109", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.110.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0110.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.110.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0110.json index 19489a08a..ce6faeda4 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.110.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0110.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Container does not have resource limitations defined", - "reference_id": "accurics.kubernetes.IAM.110", + "reference_id": "AC-K8-IA-AC-M-0110", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.111.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0111.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.111.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0111.json index d4a8f5515..6d7a66413 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.111.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0111.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Container does not have resource limitations defined", - "reference_id": "accurics.kubernetes.IAM.111", + "reference_id": "AC-K8-IA-AC-M-0111", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.112.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0112.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.112.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0112.json index a18dc1c63..e1239eb29 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.112.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0112.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Container does not have resource limitations defined", - "reference_id": "accurics.kubernetes.IAM.112", + "reference_id": "AC-K8-IA-AC-M-0112", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.113.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0113.json similarity index 89% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.113.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0113.json index d1cdd0952..bcd97b657 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.113.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0113.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Container does not have resource limitations defined", - "reference_id": "accurics.kubernetes.IAM.113", + "reference_id": "AC-K8-IA-AC-M-0113", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.114.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0114.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.114.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0114.json index 64b9de334..43261591b 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.114.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0114.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Container does not have resource limitations defined", - "reference_id": "accurics.kubernetes.IAM.114", + "reference_id": "AC-K8-IA-AC-M-0114", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.115.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0115.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.115.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0115.json index 2f573f89b..d59308b6b 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.115.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0115.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Container does not have resource limitations defined", - "reference_id": "accurics.kubernetes.IAM.115", + "reference_id": "AC-K8-IA-AC-M-0115", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.116.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0116.json similarity index 89% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.116.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0116.json index 0f80098b5..384eb9257 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.116.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0116.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Container does not have resource limitations defined", - "reference_id": "accurics.kubernetes.IAM.116", + "reference_id": "AC-K8-IA-AC-M-0116", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.117.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0117.json similarity index 89% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.117.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0117.json index 9e420b8e7..c4713078f 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.117.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0117.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Container does not have resource limitations defined", - "reference_id": "accurics.kubernetes.IAM.117", + "reference_id": "AC-K8-IA-AC-M-0117", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.118.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0118.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.118.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0118.json index 17d411640..133fea79f 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.118.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0118.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Container does not have resource limitations defined", - "reference_id": "accurics.kubernetes.IAM.118", + "reference_id": "AC-K8-IA-AC-M-0118", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.119.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0119.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.119.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0119.json index 076a4927b..3689b678c 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.119.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0119.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Container does not have resource limitations defined", - "reference_id": "accurics.kubernetes.IAM.119", + "reference_id": "AC-K8-IA-AC-M-0119", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.120.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0120.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.120.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0120.json index e5c922b56..e6b9c4c0c 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/accurics.kubernetes.IAM.120.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_resources_not_defined/AC-K8-IA-AC-M-0120.json @@ -10,7 +10,7 @@ }, "severity": "MEDIUM", "description": "Container does not have resource limitations defined", - "reference_id": "accurics.kubernetes.IAM.120", + "reference_id": "AC-K8-IA-AC-M-0120", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.57.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0057.json similarity index 81% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.57.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0057.json index 7962ef773..d783320da 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.57.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0057.json @@ -10,7 +10,7 @@ }, "severity": "HIGH", "description": "Container uses secrets in environment variables", - "reference_id": "accurics.kubernetes.EKM.57", - "category": "Encryption and Key Management", + "reference_id": "AC-K8-DP-PO-H-0057", + "category": "Data Protection", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.58.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0058.json similarity index 81% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.58.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0058.json index f8f70eaf8..37aac2551 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.58.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0058.json @@ -10,7 +10,7 @@ }, "severity": "HIGH", "description": "Container uses secrets in environment variables", - "reference_id": "accurics.kubernetes.EKM.58", - "category": "Encryption and Key Management", + "reference_id": "AC-K8-DP-PO-H-0058", + "category": "Data Protection", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.59.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0059.json similarity index 81% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.59.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0059.json index 739c621d5..6b037ed19 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.59.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0059.json @@ -10,7 +10,7 @@ }, "severity": "HIGH", "description": "Container uses secrets in environment variables", - "reference_id": "accurics.kubernetes.EKM.59", - "category": "Encryption and Key Management", + "reference_id": "AC-K8-DP-PO-H-0059", + "category": "Data Protection", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.60.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0060.json similarity index 80% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.60.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0060.json index f8a42a84a..1194597fd 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.60.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0060.json @@ -10,7 +10,7 @@ }, "severity": "HIGH", "description": "Container uses secrets in environment variables", - "reference_id": "accurics.kubernetes.EKM.60", - "category": "Encryption and Key Management", + "reference_id": "AC-K8-DP-PO-H-0060", + "category": "Data Protection", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.61.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0061.json similarity index 80% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.61.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0061.json index fc7091e05..b0e3930d2 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.61.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0061.json @@ -10,7 +10,7 @@ }, "severity": "HIGH", "description": "Container uses secrets in environment variables", - "reference_id": "accurics.kubernetes.EKM.61", - "category": "Encryption and Key Management", + "reference_id": "AC-K8-DP-PO-H-0061", + "category": "Data Protection", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.62.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0062.json similarity index 81% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.62.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0062.json index 3fc461ffb..911bc2d3a 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.62.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0062.json @@ -10,7 +10,7 @@ }, "severity": "HIGH", "description": "Container uses secrets in environment variables", - "reference_id": "accurics.kubernetes.EKM.62", - "category": "Encryption and Key Management", + "reference_id": "AC-K8-DP-PO-H-0062", + "category": "Data Protection", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.63.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0063.json similarity index 81% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.63.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0063.json index 59662b349..5c614b001 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.63.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0063.json @@ -10,7 +10,7 @@ }, "severity": "HIGH", "description": "Container uses secrets in environment variables", - "reference_id": "accurics.kubernetes.EKM.63", - "category": "Encryption and Key Management", + "reference_id": "AC-K8-DP-PO-H-0063", + "category": "Data Protection", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.64.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0064.json similarity index 81% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.64.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0064.json index 13cb5dc87..1cff659af 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.64.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0064.json @@ -10,7 +10,7 @@ }, "severity": "HIGH", "description": "Container uses secrets in environment variables", - "reference_id": "accurics.kubernetes.EKM.64", - "category": "Encryption and Key Management", + "reference_id": "AC-K8-DP-PO-H-0064", + "category": "Data Protection", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.65.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0065.json similarity index 81% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.65.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0065.json index 00ec55c5a..398c9ce81 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.65.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0065.json @@ -10,7 +10,7 @@ }, "severity": "HIGH", "description": "Container uses secrets in environment variables", - "reference_id": "accurics.kubernetes.EKM.65", - "category": "Encryption and Key Management", + "reference_id": "AC-K8-DP-PO-H-0065", + "category": "Data Protection", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.66.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0066.json similarity index 81% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.66.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0066.json index 0f4a3d56f..2c1dd07ed 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.66.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0066.json @@ -10,7 +10,7 @@ }, "severity": "HIGH", "description": "Container uses secrets in environment variables", - "reference_id": "accurics.kubernetes.EKM.66", - "category": "Encryption and Key Management", + "reference_id": "AC-K8-DP-PO-H-0066", + "category": "Data Protection", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.67.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0067.json similarity index 81% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.67.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0067.json index 42cd86828..e91303369 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.67.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0067.json @@ -10,7 +10,7 @@ }, "severity": "HIGH", "description": "Container uses secrets in environment variables", - "reference_id": "accurics.kubernetes.EKM.67", - "category": "Encryption and Key Management", + "reference_id": "AC-K8-DP-PO-H-0067", + "category": "Data Protection", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.68.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0068.json similarity index 80% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.68.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0068.json index d023923ea..339a8ea7b 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.68.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0068.json @@ -10,7 +10,7 @@ }, "severity": "HIGH", "description": "Container uses secrets in environment variables", - "reference_id": "accurics.kubernetes.EKM.68", - "category": "Encryption and Key Management", + "reference_id": "AC-K8-DP-PO-H-0068", + "category": "Data Protection", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.69.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0069.json similarity index 80% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.69.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0069.json index c522de8fb..af0148572 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.69.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0069.json @@ -10,7 +10,7 @@ }, "severity": "HIGH", "description": "Container uses secrets in environment variables", - "reference_id": "accurics.kubernetes.EKM.69", - "category": "Encryption and Key Management", + "reference_id": "AC-K8-DP-PO-H-0069", + "category": "Data Protection", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.70.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0070.json similarity index 81% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.70.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0070.json index 45c9cb9d5..d3c6be608 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.70.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0070.json @@ -10,7 +10,7 @@ }, "severity": "HIGH", "description": "Container uses secrets in environment variables", - "reference_id": "accurics.kubernetes.EKM.70", - "category": "Encryption and Key Management", + "reference_id": "AC-K8-DP-PO-H-0070", + "category": "Data Protection", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.71.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0071.json similarity index 81% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.71.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0071.json index 4bbbdd267..a831c4e70 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.71.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0071.json @@ -10,7 +10,7 @@ }, "severity": "HIGH", "description": "Container uses secrets in environment variables", - "reference_id": "accurics.kubernetes.EKM.71", - "category": "Encryption and Key Management", + "reference_id": "AC-K8-DP-PO-H-0071", + "category": "Data Protection", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.72.json b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0072.json similarity index 81% rename from pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.72.json rename to pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0072.json index 88fc00e56..b362b84f3 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/accurics.kubernetes.EKM.72.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_pod/container_uses_secrets_in_env/AC-K8-DP-PO-H-0072.json @@ -10,7 +10,7 @@ }, "severity": "HIGH", "description": "Container uses secrets in environment variables", - "reference_id": "accurics.kubernetes.EKM.72", - "category": "Encryption and Key Management", + "reference_id": "AC-K8-DP-PO-H-0072", + "category": "Data Protection", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_role/AC-K8-IA-RO-H-0104.json b/pkg/policies/opa/rego/k8s/kubernetes_role/AC-K8-IA-RO-H-0191.json similarity index 90% rename from pkg/policies/opa/rego/k8s/kubernetes_role/AC-K8-IA-RO-H-0104.json rename to pkg/policies/opa/rego/k8s/kubernetes_role/AC-K8-IA-RO-H-0191.json index a7d32a080..5eaea14ef 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_role/AC-K8-IA-RO-H-0104.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_role/AC-K8-IA-RO-H-0191.json @@ -8,7 +8,7 @@ }, "severity": "HIGH", "description": "Ensure that default service accounts are not actively used", - "reference_id": "AC-K8-IA-RO-H-0104", + "reference_id": "AC-K8-IA-RO-H-0191", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_service/AC-K8-NS-SV-L-0132.json b/pkg/policies/opa/rego/k8s/kubernetes_service/AC-K8-IS-SE-L-0111.json similarity index 77% rename from pkg/policies/opa/rego/k8s/kubernetes_service/AC-K8-NS-SV-L-0132.json rename to pkg/policies/opa/rego/k8s/kubernetes_service/AC-K8-IS-SE-L-0111.json index ac5daf9e4..c09df6686 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_service/AC-K8-NS-SV-L-0132.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_service/AC-K8-IS-SE-L-0111.json @@ -8,7 +8,7 @@ }, "severity": "LOW", "description": "Nodeport service can expose the worker nodes as they have public interface", - "reference_id": "AC-K8-NS-SV-L-0132", - "category": "Network Security", + "reference_id": "AC-K8-IS-SE-L-0111", + "category": "Infrastructure Security", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_service/AC-K8-NS-SE-M-0185.json b/pkg/policies/opa/rego/k8s/kubernetes_service/AC-K8-IS-SE-M-0110.json similarity index 78% rename from pkg/policies/opa/rego/k8s/kubernetes_service/AC-K8-NS-SE-M-0185.json rename to pkg/policies/opa/rego/k8s/kubernetes_service/AC-K8-IS-SE-M-0110.json index aa41b50a5..230d74cdf 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_service/AC-K8-NS-SE-M-0185.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_service/AC-K8-IS-SE-M-0110.json @@ -8,7 +8,7 @@ }, "severity": "MEDIUM", "description": "Ensure that the Tiller Service (Helm v2) is deleted", - "reference_id": "AC-K8-NS-SE-M-0185", - "category": "Network Security", + "reference_id": "AC-K8-IS-SE-M-0110", + "category": "Infrastructure Security", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_service/AC-K8-NS-SE-M-0188.json b/pkg/policies/opa/rego/k8s/kubernetes_service/AC-K8-IS-SE-M-0112.json similarity index 76% rename from pkg/policies/opa/rego/k8s/kubernetes_service/AC-K8-NS-SE-M-0188.json rename to pkg/policies/opa/rego/k8s/kubernetes_service/AC-K8-IS-SE-M-0112.json index bb063812d..5acda0b73 100755 --- a/pkg/policies/opa/rego/k8s/kubernetes_service/AC-K8-NS-SE-M-0188.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_service/AC-K8-IS-SE-M-0112.json @@ -8,7 +8,7 @@ }, "severity": "MEDIUM", "description": "Restrict the use of externalIPs", - "reference_id": "AC-K8-NS-SE-M-0188", - "category": "Network Security", + "reference_id": "AC-K8-IS-SE-M-0112", + "category": "Infrastructure Security", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/k8s/kubernetes_service/cve_2020_8554/AC-K8-NS-SE-M-0188.json b/pkg/policies/opa/rego/k8s/kubernetes_service/cve_2020_8554/AC-K8-IS-SE-M-0112.json similarity index 78% rename from pkg/policies/opa/rego/k8s/kubernetes_service/cve_2020_8554/AC-K8-NS-SE-M-0188.json rename to pkg/policies/opa/rego/k8s/kubernetes_service/cve_2020_8554/AC-K8-IS-SE-M-0112.json index 70157bc7e..1734aeb52 100644 --- a/pkg/policies/opa/rego/k8s/kubernetes_service/cve_2020_8554/AC-K8-NS-SE-M-0188.json +++ b/pkg/policies/opa/rego/k8s/kubernetes_service/cve_2020_8554/AC-K8-IS-SE-M-0112.json @@ -9,7 +9,7 @@ }, "severity": "MEDIUM", "description": "Vulnerable to CVE-2020-8554", - "reference_id": "AC-K8-NS-SE-M-0188", - "category": "Network Security", + "reference_id": "AC-K8-IS-SE-M-0112", + "category": "Infrastructure Security", "version": 1 } \ No newline at end of file