Supported compliance profiles

There are several profiles available as part of the Compliance Operator (CO) installation.

Compliance profiles

The Compliance Operator provides the following compliance profiles:

Table 1. Supported compliance profiles
ProfileProfile titleCompliance Operator versionIndustry compliance benchmark

ocp4-cis

CIS Red Hat OpenShift Container Platform 4 Benchmark

0.1.39+

CIS Benchmarks ™ [1]

ocp4-cis-node

CIS Red Hat OpenShift Container Platform 4 Benchmark

0.1.39+

CIS Benchmarks ™ [1]

ocp4-e8

Australian Cyber Security Centre (ACSC) Essential Eight

0.1.39+

ACSC Hardening Linux Workstations and Servers

ocp4-moderate

NIST 800-53 Moderate-Impact Baseline for Red Hat OpenShift - Platform level

0.1.39+

NIST SP-800-53 Release Search

ocp4-moderate-node

NIST 800-53 Moderate-Impact Baseline for Red Hat OpenShift - Node level

0.1.44+

NIST SP-800-53 Release Search

ocp4-nerc-cip

North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) cybersecurity standards profile for the Red Hat OpenShift Container Platform - Platform level

0.1.44+

NERC CIP Standards

ocp4-nerc-cip-node

North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) cybersecurity standards profile for the Red Hat OpenShift Container Platform - Node level

0.1.44+

NERC CIP Standards

ocp4-pci-dss

PCI-DSS v3.2.1 Control Baseline for Red Hat OpenShift Container Platform 4

0.1.47+

PCI Security Standards ® Council Document Library

ocp4-pci-dss-node

PCI-DSS v3.2.1 Control Baseline for Red Hat OpenShift Container Platform 4

0.1.47+

PCI Security Standards ® Council Document Library

rhcos4-e8

Australian Cyber Security Centre (ACSC) Essential Eight

0.1.39+

ACSC Hardening Linux Workstations and Servers

rhcos4-moderate

NIST 800-53 Moderate-Impact Baseline for Red Hat Enterprise Linux CoreOS

0.1.39+

NIST SP-800-53 Release Search

rhcos4-nerc-cip

North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) cybersecurity standards profile for Red Hat Enterprise Linux CoreOS

0.1.44+

NERC CIP Standards

ocp4-high

NIST 800-53 High-Impact Baseline for Red Hat OpenShift - Platform level

0.1.52+

NIST SP-800-53 Release Search

ocp4-high-node

NIST 800-53 High-Impact Baseline for Red Hat OpenShift - Node level

0.1.52+

NIST SP-800-53 Release Search

rhcos4-high

NIST 800-53 High-Impact Baseline for Red Hat Enterprise Linux CoreOS

0.1.52+

NIST SP-800-53 Release Search

Additional resources

  • For more information about viewing the compliance profiles available in your system, see Compliance Operator profiles in Understanding the Compliance Operator.

1. To locate the CIS RedHat OpenShift Container Platform v4 Benchmark, go to CIS Benchmarks and type Kubernetes in the search box. Click on Kubernetes and then Download Latest CIS Benchmark, where you can then register to download the benchmark.