// Search for existing rules that match a given requirement text. Identify rules that implement a specific control.
Create a template for checks and remediations
Create a new product in ComplianceAsCode project
Create Automatus test scenarios to test the given rule.
Create or update a versioned profile pair (versioned + unversioned extends pattern).
Build a ComplianceAsCode product
Create a new security rule with all required components
| name | find-rule |
| description | Search for existing rules that match a given requirement text. Identify rules that implement a specific control. |
Search for existing rules that match the following requirement:
$ARGUMENTS
Follow these steps:
Extract key concepts from the requirement text. Identify:
Respect scope constraints. If the user specifies a scope (e.g., "only OpenShift control plane", "only node-level"), restrict results to that scope. Do not return rules outside the requested scope. OCP4/Kubernetes rules live under applications/openshift/ and Linux rules live under linux_os/guide/. If no scope is specified, search both.
Search broadly across rule titles, descriptions, and template configurations:
applications/openshift/ and linux_os/guide/ for rule.yml filesCheck control files in controls/ and products/*/controls/ for matching control IDs or titles that already map to this requirement.
Note product applicability for each matched rule. Check the identifiers section of each rule.yml for cce@<product> entries (e.g., cce@ocp4, cce@rhel9). The product IDs after @ correspond to subdirectory names under products/. This tells the user which products the rule applies to.
Present results organized by match strength. For every rule, include a Rationale — a concise (1-2 sentence) explanation of why this rule satisfies or partially satisfies the requirement. Write the rationale so that a maintainer unfamiliar with the rule can understand the connection without reading the full rule.yml. Focus on what the rule checks and how that maps to the requirement.
Strong matches (title or template directly addresses the requirement):
Partial matches (related but not exact):
Weak matches (tangentially related):
Include a summary table at the end mapping requirement aspects to rule IDs, so the user can quickly see coverage.
Always suggest a control structure with a notes field that includes a concise rationale for each rule, explaining why it was included for this control. This helps maintainers understand the reasoning without needing to read every rule.yml. When no strong automated matches exist, say so clearly and use status: partial or status: manual as appropriate. Example:
- id: X.Y.Z
title: Control Title
status: automated
notes: |-
automated_rule_1 - Rationale for why this rule satisfies the control.
automated_rule_2 - Rationale for why this rule satisfies the control.
rules:
- automated_rule_1
- automated_rule_2
For partial or manual controls, also include guidance for assessors:
- id: X.Y.Z
title: Control Title
status: partial
notes: |-
automated_rule_1 - Rationale for why this rule partially covers the control.
The remaining aspects of this control require manual verification: [manual steps].
rules:
- automated_rule_1
When suggesting rules for partial/manual controls, only include rules that provide automated value. Omit rules that are themselves manual-only (no template, no automated check) unless they are the only matches available.
Rules can appear in multiple controls. The build system handles this correctly. Each control should list the complete set of rules needed to satisfy it, even if some rules also appear in other controls. This ensures each control is self-contained and readers don't need to cross-reference other controls to understand coverage.