Add pre requisite rules for Req 8.2 and 8.3

Sections 8.2 and 8.3 are heavily dependant on the selected identity provider and removal of kubeadmin user. So rules for these tow aspects were added to the controls.
ComplianceAsCode · Jul 15, 2024 · 80eaadb · 80eaadb
1 parent 504ec6c
commit 80eaadb
Showing 1 changed file with 12 additions and 0 deletions.
diff --git a/controls/pcidss_4_ocp4.yml b/controls/pcidss_4_ocp4.yml
@@ -2024,6 +2024,12 @@ controls:
     levels:
       - base
     status: automated
+    notes: |-
+      For this control to be satisfiable an identity provider must be used and the kubeadmin user
+      needs to be removed.
+    rules:
+      - idp_is_configured
+      - kubeadmin_removed
     controls:
     - id: 8.2.1
       title: All users are assigned a unique ID before access to system components or cardholder
@@ -2162,6 +2168,12 @@ controls:
     levels:
       - base
     status: not applicable
+    notes: |-
+      For this control to be satisfiable an identity provider must be used and the kubeadmin user
+      needs to be removed.
+    rules:
+      - idp_is_configured
+      - kubeadmin_removed
     controls:
     - id: 8.3.1
       title: All user access to system components for users and administrators is authenticated.