diff --git a/specs/compliance/aws-eks-cis-1.4.yaml b/specs/compliance/aws-eks-cis-1.4.yaml index f59f3cb3..8152cd09 100644 --- a/specs/compliance/aws-eks-cis-1.4.yaml +++ b/specs/compliance/aws-eks-cis-1.4.yaml @@ -30,6 +30,8 @@ spec: description: Ensure that the kubelet service file ownership is set to root:root checks: - id: AVD-KCV-0070 + commands: + - id: CMD-0023 severity: HIGH - id: 3.1.3 name: Ensure that the kubelet configuration file has permissions set to 644 or more restrictive (Automated) @@ -38,6 +40,8 @@ spec: --config argument, that file has permissions of 600 or more restrictive checks: - id: AVD-KCV-0077 + commands: + - id: CMD-0030 severity: HIGH - id: 3.1.4 name: Ensure that the kubelet configuration file ownership is set to root:root (Automated) @@ -46,12 +50,16 @@ spec: --config argument, that file is owned by root:root checks: - id: AVD-KCV-0078 + commands: + - id: CMD-0031 severity: HIGH - id: 3.2.1 name: Ensure that the Anonymous Auth is Not Enabled (Automated) description: Disable anonymous requests to the Kubelet server. checks: - id: AVD-KCV-0079 + commands: + - id: CMD-0032 severity: CRITICAL - id: 3.2.2 name: Ensure that the --authorization-mode argument is not set to AlwaysAllow (Automated) @@ -64,6 +72,8 @@ spec: description: Enable Kubelet authentication using certificates. checks: - id: AVD-KCV-0081 + commands: + - id: CMD-0034 severity: CRITICAL - id: 3.2.4 name: Ensure that the --read-only-port is disabled (Automated) 
@@ -73,18 +83,24 @@ spec: potentially sensitive information about the cluster. checks: - id: AVD-KCV-0082 + commands: + - id: CMD-0035 severity: HIGH - id: 3.2.5 name: Ensure that the --streaming-connection-idle-timeout argument is not set to 0 (Automated) description: Do not disable timeouts on streaming connections. checks: - id: AVD-KCV-0085 + commands: + - id: CMD-0036 severity: HIGH - id: 3.2.6 name: Ensure that the --make-iptables-util-chains argument is set to true (Automated) description: Allow Kubelet to manage iptables. checks: - id: AVD-KCV-0084 + commands: + - id: CMD-0038 severity: HIGH - id: 3.2.7 name: Ensure that the --eventRecordQPS argument is set to 0 or a level which ensures appropriate event capture (Manual) @@ -101,6 +117,8 @@ spec: description: Enable kubelet client certificate rotation. checks: - id: AVD-KCV-0090 + commands: + - id: CMD-0043 severity: CRITICAL - id: 3.2.9 name: Ensure that the RotateKubeletServerCertificate argument is set to true (Automated) @@ -108,6 +126,8 @@ spec: checks: - id: AVD-KCV-0091 - id: AVD-KCV-0038 + commands: + - id: CMD-0044 severity: CRITICAL - id: 3.3.1 name: Prefer using a container-optimized OS when possible (Manual)
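Review bot: in the first hunk (3.1.2 through 3.2.1) the new `commands:` entries reference CMD-0023, CMD-0030, CMD-0031 and CMD-0032, but nothing in this patch defines those ids; please link or include the companion change that adds the command definitions so the references can be checked. The same hunk also leaves 3.2.2 (--authorization-mode not set to AlwaysAllow) without a command even though its neighbours 3.2.1 and 3.2.3 both get one; confirm that is intentional. While touching this block, the 3.1.3 entry reads "permissions set to 644 or more restrictive" in `name` but "permissions of 600 or more restrictive" in `description`; that is pre-existing, but one of the two should be corrected to match the benchmark text.

Review bot: in the hunk starting at -73 (3.2.4 through 3.2.6) the command numbering skips CMD-0037 and the check ids run out of order (3.2.5 / AVD-KCV-0085 gets CMD-0036, 3.2.6 / AVD-KCV-0084 gets CMD-0038), which is the pattern you get when two ids are transposed. Please double-check the pairing against the command definitions so the streaming-connection-idle-timeout and make-iptables-util-chains checks are not swapped.

Review bot: in the last hunk (3.2.9) the control lists two checks, `- id: AVD-KCV-0091` and `- id: AVD-KCV-0038`, and a single `commands:` block with CMD-0044 is appended after the second one. The indentation is not preserved in this rendering, so it is not clear whether `commands:` is a sibling of `checks:` (one command for the control) or nested under the last list item (attached only to AVD-KCV-0038); confirm the YAML parses the way the other entries do, and whether AVD-KCV-0091 needs its own command id.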