From d288b20f99c1a0f878773397f608dc02e11633d9 Mon Sep 17 00:00:00 2001
From: vardhaman22
Date: Wed, 8 Jan 2025 17:00:06 +0530
Subject: [PATCH] k3s-cis-1.9: set 5.1.2 and 5.1.4 type as manual
---
 package/cfg/k3s-cis-1.9/policies.yaml | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/package/cfg/k3s-cis-1.9/policies.yaml b/package/cfg/k3s-cis-1.9/policies.yaml
index 4ee91f16..e4a2612b 100644
--- a/package/cfg/k3s-cis-1.9/policies.yaml
+++ b/package/cfg/k3s-cis-1.9/policies.yaml
@@ -32,6 +32,7 @@ groups:
 scored: true
 - id: 5.1.2
+ type: manual
 text: "Minimize access to secrets (Automated)"
 audit: "echo \"canGetListWatchSecretsAsSystemAuthenticated: $(kubectl auth can-i get,list,watch secrets --all-namespaces --as=system:authenticated)\""
 tests:
@@ -91,6 +92,7 @@ groups:
 scored: true
 - id: 5.1.4
+ type: manual
 text: "Minimize access to create pods (Automated)"
 audit: |
 echo "canCreatePodsAsSystemAuthenticated: $(kubectl auth can-i create pods --all-namespaces --as=system:authenticated)"
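Review bot: The `text` of 5.1.2 still reads "(Automated)" directly under the new `type: manual`, and the 5.1.4 hunk has the same mismatch, so the report label contradicts how the check is now evaluated. The labels should follow the type, `text: "Minimize access to secrets (Manual)"` and `text: "Minimize access to create pods (Manual)"`. If this file is consumed by kube-bench, as the layout suggests, a manual check is reported as WARN and its `audit` command is not evaluated. A cluster where `system:authenticated` can read secrets or create pods would then stop producing a FAIL for these two controls. Neither the commit message nor the file says why the automated result was dropped, so a short comment above each `type: manual` line giving the reason and stating that operators must review the RBAC bindings by hand would keep that loss of coverage visible. The `tests:` block of 5.1.2 and the `audit` body of 5.1.4 continue outside the hunks.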