# Viewing Kubernetes control rules {% note info %} This feature is at the [Preview](../../../overview/concepts/launch-stages.md) stage. {% endnote %} To view Kubernetes control rules, you need the `security-deck.viewer` role or higher for the folder containing the KSPM module resources. To view active Kubernetes control rules: {% list tabs group=instructions %} - Security Deck UI {#cloud-sd} 1. Go to [Yandex Security Deck](https://center.yandex.cloud/security/). 1. In the left-hand panel, select ![file-text](../../../_assets/console-icons/file-text.svg) **Rules and exceptions**. 1. At the top of the window, select the [workspace](../../concepts/workspace.md) for which you want to view the rule info. 1. On the **Security control rules** page that opens, go to the **Kubernetes®** tab. The section that opens lists the control rules that form a part of the [security standards](../../concepts/workspace.md#standards) specified for the current workspace. For each rule, the table displays the following information: {% note tip %} If you need to, you can change the info columns displayed in the table. Do it by clicking ![gear](../../../_assets/console-icons/gear.svg) in the row with the table column headers, selecting the info columns you need, and clicking **Apply**. {% endnote %} * ![traffic-light](../../../_assets/console-icons/traffic-light.svg): Rule criticality level; this icon indicates how security-critical the rule is: * ![cspm-rule-notice-icon](../../../_assets/security-deck/cspm-rule-notice-icon.svg): Remark * ![cspm-low-severity-icon](../../../_assets/security-deck/cspm-low-severity-icon.svg): Low severity * ![cspm-moderate-severity-icon](../../../_assets/security-deck/cspm-moderate-severity-icon.svg): Medium severity * ![cspm-high-severity-icon](../../../_assets/security-deck/cspm-high-severity-icon.svg): High severity * **Control rule**: Rule name and brief summary. * **Rule sets**: Icon(s) for the [security standards](../../concepts/workspace.md#standards) that are using this rule. If the icon is colored, it means the rule is checked for the corresponding standard. If the icon is gray, it means it is not. * **Rule type **: How the infrastructure controlled in the workspace is checked for compliance with this rule: * `runtime` * `admission` * **ID**: Rule ID in Yandex Cloud. * **Violations**: Number of detected rule violations. 1. To view detailed information about a specific Kubernetes control rule, click the table row with its name. The detailed info window that opens includes the following tabs: {% list tabs %} - Overview The **Overview** tab contains: * Rule ID. * [Set of security requirements](../../concepts/standard-compliance/index.md#security-rule-sets) the rule applies to. * Date and time of the most recent security check. * Check method: * `runtime`: Rule type applied to container runtimes and Kubernetes nodes. * `admission`: Rule type applied to Kubernetes cluster resources. * Details on the monitored features, their configurations, or actions performed with them. - Violations The **Violations** tab lists control rule violations detected during the checks. Detected violations will not appear in this list if they satisfy the [exception](../../concepts/cspm.md#exceptions) criteria specified for the rule. - Recommendations The **Recommendations** tab provides guides and solutions to assist you with rule compliance. {% endlist %} {% endlist %}