ComplianceAsCode
diff --git a/‎applications/openshift/kubelet/kubelet_anonymous_auth/rule.yml‎
Lines changed: 1 addition & 1 deletion b/‎applications/openshift/kubelet/kubelet_anonymous_auth/rule.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎applications/openshift/kubelet/kubelet_authorization_mode/rule.yml‎
Lines changed: 1 addition & 1 deletion b/‎applications/openshift/kubelet/kubelet_authorization_mode/rule.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎applications/openshift/kubelet/kubelet_configure_client_ca/rule.yml‎
Lines changed: 1 addition & 1 deletion b/‎applications/openshift/kubelet/kubelet_configure_client_ca/rule.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎applications/openshift/kubelet/kubelet_configure_event_creation/rule.yml‎
Lines changed: 1 addition & 1 deletion b/‎applications/openshift/kubelet/kubelet_configure_event_creation/rule.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎applications/openshift/kubelet/kubelet_configure_event_creation/tests/match.pass.sh‎
Lines changed: 2 additions & 2 deletions b/‎applications/openshift/kubelet/kubelet_configure_event_creation/tests/match.pass.sh‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎applications/openshift/kubelet/kubelet_configure_event_creation/tests/nomatch.fail.sh‎
Lines changed: 2 additions & 2 deletions b/‎applications/openshift/kubelet/kubelet_configure_event_creation/tests/nomatch.fail.sh‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎applications/openshift/kubelet/kubelet_configure_tls_cipher_suites/rule.yml‎
Lines changed: 1 addition & 1 deletion b/‎applications/openshift/kubelet/kubelet_configure_tls_cipher_suites/rule.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎applications/openshift/kubelet/kubelet_configure_tls_cipher_suites/tests/match.pass.sh‎
Lines changed: 2 additions & 2 deletions b/‎applications/openshift/kubelet/kubelet_configure_tls_cipher_suites/tests/match.pass.sh‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎applications/openshift/kubelet/kubelet_configure_tls_cipher_suites/tests/nomatch.fail.sh‎
Lines changed: 2 additions & 2 deletions b/‎applications/openshift/kubelet/kubelet_configure_tls_cipher_suites/tests/nomatch.fail.sh‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎applications/openshift/kubelet/kubelet_configure_tls_min_version/rule.yml‎
Lines changed: 1 addition & 1 deletion b/‎applications/openshift/kubelet/kubelet_configure_tls_min_version/rule.yml‎
Lines changed: 1 addition & 1 deletion
@@ -54,7 +54,7 @@ ocil: |-
 template:
     name: yamlfile_value
     vars:
-        filepath: '/etc/kubernetes/compliance-operator/kubeletconfig/openscap-kubeletconfig'
+        filepath: '/var/run/compliance-operator/kubeletconfig/openscap-kubeletconfig'
         yamlpath: ".kubeletconfig.authentication.anonymous.enabled"
         check_existence: "all_exist"
         values:
 
@@ -50,7 +50,7 @@ ocil: |-
 template:
     name: yamlfile_value
     vars:
-        filepath: '/etc/kubernetes/compliance-operator/kubeletconfig/openscap-kubeletconfig'
+        filepath: '/var/run/compliance-operator/kubeletconfig/openscap-kubeletconfig'
         yamlpath: ".kubeletconfig.authorization.mode"
         check_existence: "all_exist"
         values:
 
@@ -55,7 +55,7 @@ references:
 template:
     name: yamlfile_value
     vars:
-        filepath: '/etc/kubernetes/compliance-operator/kubeletconfig/openscap-kubeletconfig'
+        filepath: '/var/run/compliance-operator/kubeletconfig/openscap-kubeletconfig'
         yamlpath: ".kubeletconfig.authentication.x509.clientCAFile"
         check_existence: "all_exist"
         values:
 
@@ -63,7 +63,7 @@ references:
 template:
     name: yamlfile_value
     vars:
-        filepath: '/etc/kubernetes/compliance-operator/kubeletconfig/openscap-kubeletconfig'
+        filepath: '/var/run/compliance-operator/kubeletconfig/openscap-kubeletconfig'
         yamlpath: ".kubeletconfig.eventRecordQPS"
         check_existence: "all_exist"
         values:
 
@@ -1,8 +1,8 @@
 #!/bin/bash
 # remediation = none
 
-mkdir -p "/etc/kubernetes/compliance-operator/kubeletconfig/openscap-kubeletconfig"
+mkdir -p "/var/run/compliance-operator/kubeletconfig/openscap-kubeletconfig"
 
-cat << EOF > /etc/kubernetes/compliance-operator/kubeletconfig/openscap-kubeletconfig/openscap-kubeletconfig
+cat << EOF > /var/run/compliance-operator/kubeletconfig/openscap-kubeletconfig/openscap-kubeletconfig
 {"kubeletconfig":{"enableServer":true,"staticPodPath":"/etc/kubernetes/manifests","syncFrequency":"1m0s","fileCheckFrequency":"20s","httpCheckFrequency":"20s","address":"0.0.0.0","port":10250,"tlsCipherSuites":["TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"],"tlsMinVersion":"VersionTLS12","rotateCertificates":true,"serverTLSBootstrap":true,"authentication":{"x509":{"clientCAFile":"/etc/kubernetes/kubelet-ca.crt"},"webhook":{"enabled":true,"cacheTTL":"2m0s"},"anonymous":{"enabled":false}},"authorization":{"mode":"Webhook","webhook":{"cacheAuthorizedTTL":"5m0s","cacheUnauthorizedTTL":"30s"}},"registryPullQPS":5,"registryBurst":10,"eventRecordQPS":5,"eventBurst":10,"enableDebuggingHandlers":true,"healthzPort":10248,"healthzBindAddress":"127.0.0.1","oomScoreAdj":-999,"clusterDomain":"cluster.local","clusterDNS":["172.30.0.10"],"streamingConnectionIdleTimeout":"4h0m0s","nodeStatusUpdateFrequency":"10s","nodeStatusReportFrequency":"5m0s","nodeLeaseDurationSeconds":40,"imageMinimumGCAge":"2m0s","imageGCHighThresholdPercent":85,"imageGCLowThresholdPercent":80,"volumeStatsAggPeriod":"1m0s","systemCgroups":"/system.slice","cgroupRoot":"/","cgroupsPerQOS":true,"cgroupDriver":"systemd","cpuManagerPolicy":"none","cpuManagerReconcilePeriod":"10s","memoryManagerPolicy":"None","topologyManagerPolicy":"none","topologyManagerScope":"container","runtimeRequestTimeout":"2m0s","hairpinMode":"promiscuous-bridge","maxPods":250,"podPidsLimit":4096,"resolvConf":"/etc/resolv.conf","cpuCFSQuota":true,"cpuCFSQuotaPeriod":"100ms","nodeStatusMaxImages":50,"maxOpenFiles":1000000,"contentType":"application/vnd.kubernetes.protobuf","kubeAPIQPS":50,"kubeAPIBurst":100,"serializeImagePulls":false,"evictionHard":{"imagefs.available":"15%","imagefs.inodesfree":"15%","memory.available":"100Mi","nodefs.available":"10%","nodefs.inodesFree":"5%"},"evictionSoft":{"imagefs.available":"15%","imagefs.inodesfree":"15%","memory.available":"100Mi","nodefs.available":"10%","nodefs.inodesFree":"5%"},"evictionPressureTransitionPeriod":"5m0s","enableControllerAttachDetach":true,"makeIPTablesUtilChains":true,"iptablesMasqueradeBit":14,"iptablesDropBit":15,"featureGates":{"APIPriorityAndFairness":true,"CSIMigrationAzureFile":false,"CSIMigrationvSphere":false,"DownwardAPIHugePages":true,"RotateKubeletServerCertificate":true},"failSwapOn":true,"memorySwap":{},"containerLogMaxSize":"50Mi","containerLogMaxFiles":5,"configMapAndSecretChangeDetectionStrategy":"Watch","systemReserved":{"cpu":"500m","ephemeral-storage":"1Gi","memory":"1Gi"},"enforceNodeAllocatable":["pods"],"volumePluginDir":"/etc/kubernetes/kubelet-plugins/volume/exec","providerID":"aws:///us-west-1b/i-0b15fe350572ea633","logging":{"format":"text","flushFrequency":5000000000,"verbosity":2,"options":{"json":{"infoBufferSize":"0"}}},"enableSystemLogHandler":true,"shutdownGracePeriod":"0s","shutdownGracePeriodCriticalPods":"0s","enableProfilingHandler":true,"enableDebugFlagsHandler":true,"seccompDefault":false,"memoryThrottlingFactor":0.8,"registerWithTaints":[{"key":"node-role.kubernetes.io/master","effect":"NoSchedule"}],"registerNode":true,"localStorageCapacityIsolation":true}}
 EOF
@@ -1,8 +1,8 @@
 #!/bin/bash
 # remediation = none
 
-mkdir -p "/etc/kubernetes/compliance-operator/kubeletconfig/openscap-kubeletconfig"
+mkdir -p "/var/run/compliance-operator/kubeletconfig/openscap-kubeletconfig"
 
-cat << EOF > /etc/kubernetes/compliance-operator/kubeletconfig/openscap-kubeletconfig/openscap-kubeletconfig
+cat << EOF > /var/run/compliance-operator/kubeletconfig/openscap-kubeletconfig/openscap-kubeletconfig
 {"kubeletconfig":{"enableServer":true,"staticPodPath":"/etc/kubernetes/manifests","syncFrequency":"1m0s","fileCheckFrequency":"20s","httpCheckFrequency":"20s","address":"0.0.0.0","port":10250,"tlsCipherSuites":["TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"],"tlsMinVersion":"VersionTLS12","rotateCertificates":true,"serverTLSBootstrap":true,"authentication":{"x509":{"clientCAFile":"/etc/kubernetes/kubelet-ca.crt"},"webhook":{"enabled":true,"cacheTTL":"2m0s"},"anonymous":{"enabled":false}},"authorization":{"mode":"Webhook","webhook":{"cacheAuthorizedTTL":"5m0s","cacheUnauthorizedTTL":"30s"}},"registryPullQPS":5,"registryBurst":10,"eventRecordQPS":0,"eventBurst":10,"enableDebuggingHandlers":true,"healthzPort":10248,"healthzBindAddress":"127.0.0.1","oomScoreAdj":-999,"clusterDomain":"cluster.local","clusterDNS":["172.30.0.10"],"streamingConnectionIdleTimeout":"4h0m0s","nodeStatusUpdateFrequency":"10s","nodeStatusReportFrequency":"5m0s","nodeLeaseDurationSeconds":40,"imageMinimumGCAge":"2m0s","imageGCHighThresholdPercent":85,"imageGCLowThresholdPercent":80,"volumeStatsAggPeriod":"1m0s","systemCgroups":"/system.slice","cgroupRoot":"/","cgroupsPerQOS":true,"cgroupDriver":"systemd","cpuManagerPolicy":"none","cpuManagerReconcilePeriod":"10s","memoryManagerPolicy":"None","topologyManagerPolicy":"none","topologyManagerScope":"container","runtimeRequestTimeout":"2m0s","hairpinMode":"promiscuous-bridge","maxPods":250,"podPidsLimit":4096,"resolvConf":"/etc/resolv.conf","cpuCFSQuota":true,"cpuCFSQuotaPeriod":"100ms","nodeStatusMaxImages":50,"maxOpenFiles":1000000,"contentType":"application/vnd.kubernetes.protobuf","kubeAPIQPS":50,"kubeAPIBurst":100,"serializeImagePulls":false,"evictionPressureTransitionPeriod":"5m0s","enableControllerAttachDetach":true,"makeIPTablesUtilChains":true,"iptablesMasqueradeBit":14,"iptablesDropBit":15,"featureGates":{"APIPriorityAndFairness":true,"CSIMigrationAzureFile":false,"CSIMigrationvSphere":false,"DownwardAPIHugePages":true,"RotateKubeletServerCertificate":true},"failSwapOn":true,"memorySwap":{},"containerLogMaxSize":"50Mi","containerLogMaxFiles":5,"configMapAndSecretChangeDetectionStrategy":"Watch","systemReserved":{"cpu":"500m","ephemeral-storage":"1Gi","memory":"1Gi"},"enforceNodeAllocatable":["pods"],"volumePluginDir":"/etc/kubernetes/kubelet-plugins/volume/exec","providerID":"aws:///us-west-1b/i-0b15fe350572ea633","logging":{"format":"text","flushFrequency":5000000000,"verbosity":2,"options":{"json":{"infoBufferSize":"0"}}},"enableSystemLogHandler":true,"shutdownGracePeriod":"0s","shutdownGracePeriodCriticalPods":"0s","enableProfilingHandler":true,"enableDebugFlagsHandler":true,"seccompDefault":false,"memoryThrottlingFactor":0.8,"registerWithTaints":[{"key":"node-role.kubernetes.io/master","effect":"NoSchedule"}],"registerNode":true,"localStorageCapacityIsolation":true}}
 EOF
@@ -71,7 +71,7 @@ ocil: |-
 template:
     name: yamlfile_value
     vars:
-        filepath: '/etc/kubernetes/compliance-operator/kubeletconfig/openscap-kubeletconfig'
+        filepath: '/var/run/compliance-operator/kubeletconfig/openscap-kubeletconfig'
         yamlpath: ".kubeletconfig.tlsCipherSuites[:]"
         xccdf_variable: var_kubelet_tls_cipher_suites_regex
         regex_data: true
@@ -1,8 +1,8 @@
 #!/bin/bash
 # remediation = none
 
-mkdir -p "/etc/kubernetes/compliance-operator/kubeletconfig/openscap-kubeletconfig"
+mkdir -p "/var/run/compliance-operator/kubeletconfig/openscap-kubeletconfig"
 
-cat << EOF > /etc/kubernetes/compliance-operator/kubeletconfig/openscap-kubeletconfig/openscap-kubeletconfig
+cat << EOF > /var/run/compliance-operator/kubeletconfig/openscap-kubeletconfig/openscap-kubeletconfig
 {"kubeletconfig":{"enableServer":true,"staticPodPath":"/etc/kubernetes/manifests","syncFrequency":"1m0s","fileCheckFrequency":"20s","httpCheckFrequency":"20s","address":"0.0.0.0","port":10250,"tlsCipherSuites":["TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"],"tlsMinVersion":"VersionTLS12","rotateCertificates":true,"serverTLSBootstrap":true,"authentication":{"x509":{"clientCAFile":"/etc/kubernetes/kubelet-ca.crt"},"webhook":{"enabled":true,"cacheTTL":"2m0s"},"anonymous":{"enabled":false}},"authorization":{"mode":"Webhook","webhook":{"cacheAuthorizedTTL":"5m0s","cacheUnauthorizedTTL":"30s"}},"registryPullQPS":5,"registryBurst":10,"eventRecordQPS":5,"eventBurst":10,"enableDebuggingHandlers":true,"healthzPort":10248,"healthzBindAddress":"127.0.0.1","oomScoreAdj":-999,"clusterDomain":"cluster.local","clusterDNS":["172.30.0.10"],"streamingConnectionIdleTimeout":"4h0m0s","nodeStatusUpdateFrequency":"10s","nodeStatusReportFrequency":"5m0s","nodeLeaseDurationSeconds":40,"imageMinimumGCAge":"2m0s","imageGCHighThresholdPercent":85,"imageGCLowThresholdPercent":80,"volumeStatsAggPeriod":"1m0s","systemCgroups":"/system.slice","cgroupRoot":"/","cgroupsPerQOS":true,"cgroupDriver":"systemd","cpuManagerPolicy":"none","cpuManagerReconcilePeriod":"10s","memoryManagerPolicy":"None","topologyManagerPolicy":"none","topologyManagerScope":"container","runtimeRequestTimeout":"2m0s","hairpinMode":"promiscuous-bridge","maxPods":250,"podPidsLimit":4096,"resolvConf":"/etc/resolv.conf","cpuCFSQuota":true,"cpuCFSQuotaPeriod":"100ms","nodeStatusMaxImages":50,"maxOpenFiles":1000000,"contentType":"application/vnd.kubernetes.protobuf","kubeAPIQPS":50,"kubeAPIBurst":100,"serializeImagePulls":false,"evictionHard":{"imagefs.available":"15%","imagefs.inodesfree":"15%","memory.available":"100Mi","nodefs.available":"10%","nodefs.inodesFree":"5%"},"evictionSoft":{"imagefs.available":"15%","imagefs.inodesfree":"15%","memory.available":"100Mi","nodefs.available":"10%","nodefs.inodesFree":"5%"},"evictionPressureTransitionPeriod":"5m0s","enableControllerAttachDetach":true,"makeIPTablesUtilChains":true,"iptablesMasqueradeBit":14,"iptablesDropBit":15,"featureGates":{"APIPriorityAndFairness":true,"CSIMigrationAzureFile":false,"CSIMigrationvSphere":false,"DownwardAPIHugePages":true,"RotateKubeletServerCertificate":true},"failSwapOn":true,"memorySwap":{},"containerLogMaxSize":"50Mi","containerLogMaxFiles":5,"configMapAndSecretChangeDetectionStrategy":"Watch","systemReserved":{"cpu":"500m","ephemeral-storage":"1Gi","memory":"1Gi"},"enforceNodeAllocatable":["pods"],"volumePluginDir":"/etc/kubernetes/kubelet-plugins/volume/exec","providerID":"aws:///us-west-1b/i-0b15fe350572ea633","logging":{"format":"text","flushFrequency":5000000000,"verbosity":2,"options":{"json":{"infoBufferSize":"0"}}},"enableSystemLogHandler":true,"shutdownGracePeriod":"0s","shutdownGracePeriodCriticalPods":"0s","enableProfilingHandler":true,"enableDebugFlagsHandler":true,"seccompDefault":false,"memoryThrottlingFactor":0.8,"registerWithTaints":[{"key":"node-role.kubernetes.io/master","effect":"NoSchedule"}],"registerNode":true,"localStorageCapacityIsolation":true}}
 EOF
@@ -1,8 +1,8 @@
 #!/bin/bash
 # remediation = none
 
-mkdir -p "/etc/kubernetes/compliance-operator/kubeletconfig/openscap-kubeletconfig"
+mkdir -p "/var/run/compliance-operator/kubeletconfig/openscap-kubeletconfig"
 
-cat << EOF > /etc/kubernetes/compliance-operator/kubeletconfig/openscap-kubeletconfig/openscap-kubeletconfig
+cat << EOF > /var/run/compliance-operator/kubeletconfig/openscap-kubeletconfig/openscap-kubeletconfig
 {"kubeletconfig":{"enableServer":true,"staticPodPath":"/etc/kubernetes/manifests","syncFrequency":"1m0s","fileCheckFrequency":"20s","httpCheckFrequency":"20s","address":"0.0.0.0","port":10250,"tlsCipherSuites":["TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"],"tlsMinVersion":"VersionTLS12","rotateCertificates":true,"serverTLSBootstrap":true,"authentication":{"x509":{"clientCAFile":"/etc/kubernetes/kubelet-ca.crt"},"webhook":{"enabled":true,"cacheTTL":"2m0s"},"anonymous":{"enabled":false}},"authorization":{"mode":"Webhook","webhook":{"cacheAuthorizedTTL":"5m0s","cacheUnauthorizedTTL":"30s"}},"registryPullQPS":5,"registryBurst":10,"eventRecordQPS":0,"eventBurst":10,"enableDebuggingHandlers":true,"healthzPort":10248,"healthzBindAddress":"127.0.0.1","oomScoreAdj":-999,"clusterDomain":"cluster.local","clusterDNS":["172.30.0.10"],"streamingConnectionIdleTimeout":"4h0m0s","nodeStatusUpdateFrequency":"10s","nodeStatusReportFrequency":"5m0s","nodeLeaseDurationSeconds":40,"imageMinimumGCAge":"2m0s","imageGCHighThresholdPercent":85,"imageGCLowThresholdPercent":80,"volumeStatsAggPeriod":"1m0s","systemCgroups":"/system.slice","cgroupRoot":"/","cgroupsPerQOS":true,"cgroupDriver":"systemd","cpuManagerPolicy":"none","cpuManagerReconcilePeriod":"10s","memoryManagerPolicy":"None","topologyManagerPolicy":"none","topologyManagerScope":"container","runtimeRequestTimeout":"2m0s","hairpinMode":"promiscuous-bridge","maxPods":250,"podPidsLimit":4096,"resolvConf":"/etc/resolv.conf","cpuCFSQuota":true,"cpuCFSQuotaPeriod":"100ms","nodeStatusMaxImages":50,"maxOpenFiles":1000000,"contentType":"application/vnd.kubernetes.protobuf","kubeAPIQPS":50,"kubeAPIBurst":100,"serializeImagePulls":false,"evictionPressureTransitionPeriod":"5m0s","enableControllerAttachDetach":true,"makeIPTablesUtilChains":true,"iptablesMasqueradeBit":14,"iptablesDropBit":15,"featureGates":{"APIPriorityAndFairness":true,"CSIMigrationAzureFile":false,"CSIMigrationvSphere":false,"DownwardAPIHugePages":true,"RotateKubeletServerCertificate":true},"failSwapOn":true,"memorySwap":{},"containerLogMaxSize":"50Mi","containerLogMaxFiles":5,"configMapAndSecretChangeDetectionStrategy":"Watch","systemReserved":{"cpu":"500m","ephemeral-storage":"1Gi","memory":"1Gi"},"enforceNodeAllocatable":["pods"],"volumePluginDir":"/etc/kubernetes/kubelet-plugins/volume/exec","providerID":"aws:///us-west-1b/i-0b15fe350572ea633","logging":{"format":"text","flushFrequency":5000000000,"verbosity":2,"options":{"json":{"infoBufferSize":"0"}}},"enableSystemLogHandler":true,"shutdownGracePeriod":"0s","shutdownGracePeriodCriticalPods":"0s","enableProfilingHandler":true,"enableDebugFlagsHandler":true,"seccompDefault":false,"memoryThrottlingFactor":0.8,"registerWithTaints":[{"key":"node-role.kubernetes.io/master","effect":"NoSchedule"}],"registerNode":true,"localStorageCapacityIsolation":true}}
 EOF
@@ -87,7 +87,7 @@ ocil: |-
 template:
     name: yamlfile_value
     vars:
-        filepath: '/etc/kubernetes/compliance-operator/kubeletconfig/openscap-kubeletconfig'
+        filepath: '/var/run/compliance-operator/kubeletconfig/openscap-kubeletconfig'
         yamlpath: ".kubeletconfig.tlsMinVersion"
         xccdf_variable: var_kubelet_tls_min_version_regex
         regex_data: true