Kubernetes has a kind of up2date audit policy file in configure-helper.sh. Unfortunately, it does not include recent functionality. For example, it lacks exclusions for the CronJob controller (user= system:serviceaccount:kube-system:cronjob-controller).

Can anybody share a less verbose policy file?