We are thrilled to announce the GA release of Red Hat Compliance Operator version 1.8, a key tool for auditing and enforcing security compliance on Red Hat OpenShift.
The focus of this release is significantly lowering the barrier to creating custom compliance definitions:
- ‼️ [Tech Prev] CustomRule CRDs with Common Expression Language (CEL): Customers can now define custom compliance checks using CEL. This eliminates the need to learn complex SCAP data streams or OVAL, enabling faster development of tailored compliance rules. (A detailed blog post is coming in early December.)
- Simplified Configuration: The Compliance Operator team has decoupled PV storage from scan result processing, greatly simplifying the operator configuration, especially for customers focused on detecting cluster changes.
Enhanced Security Profiles:
- Updated: DISA-STIG profile to V2R3 🏛️.
- Removed Deprecated Profiles: CIS OpenShift 1.4.0/1.5.0 and DISA STIG V1R1/V2R1 have been removed.
See the release notes on the Red Hat Customer Portal for full details.