diff --git a/assets/queries/k8s/kubelet_client_periodic_certificate_switch_disabled/query.rego b/assets/queries/k8s/kubelet_client_periodic_certificate_switch_disabled/query.rego
index bc2a93d5502..f79d9f94025 100644
--- a/assets/queries/k8s/kubelet_client_periodic_certificate_switch_disabled/query.rego
+++ b/assets/queries/k8s/kubelet_client_periodic_certificate_switch_disabled/query.rego
@@ -5,6 +5,7 @@ import data.generic.k8s as k8sLib
 
 CxPolicy[result] {
 	resource := input.document[i]
+	metadata := resource.metadata
 	specInfo := k8sLib.getSpecInfo(resource)
 	types := {"initContainers", "containers"}
 	container := specInfo.spec[types[x]][j]
@@ -15,7 +16,7 @@ CxPolicy[result] {
 
 	result := {
 		"documentId": input.document[i].id,
-		"searchKey": sprintf("spec.command", []),
+		"searchKey": sprintf("metadata.name={{%s}}.%s.%s.name={{%s}}.command", [metadata.name, specInfo.path, types[x], container.name]),
 		"issueType": "IncorrectValue",
 		"keyExpectedValue": "--rotate-certificates flag to be true",
 		"keyActualValue": "--rotate-certificates flag is false",
diff --git a/assets/queries/k8s/kubelet_not_managing_ip_tables/query.rego b/assets/queries/k8s/kubelet_not_managing_ip_tables/query.rego
index 6aa4b864be1..79ce3877239 100644
--- a/assets/queries/k8s/kubelet_not_managing_ip_tables/query.rego
+++ b/assets/queries/k8s/kubelet_not_managing_ip_tables/query.rego
@@ -16,7 +16,7 @@ CxPolicy[result] {
 
 	result := {
 		"documentId": input.document[i].id,
-		"searchKey": sprintf("spec.command", []),
+		"searchKey": sprintf("metadata.name={{%s}}.%s.%s.name={{%s}}.command", [metadata.name, specInfo.path, types[x], container.name]),
 		"issueType": "IncorrectValue",
 		"keyExpectedValue": "--make-iptables-util-chains flag to be true",
 		"keyActualValue": "--make-iptables-util-chains= flag is false",
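Review bot: The new searchKey in kubelet_not_managing_ip_tables/query.rego reads `metadata.name`, but this diff adds no `metadata := resource.metadata` binding to that file, unlike the sibling kubelet_client hunk above where the binding is added in the same commit. If the rule does not already bind `metadata` above line 16 (the hunk offset relative to the sibling file suggests it may, but that cannot be confirmed from the diff), the rule fails to compile with an unsafe-variable error and the query silently produces no findings, which is the worst failure mode for a security check. Please confirm the binding exists, or add `metadata := resource.metadata` right after `resource := input.document[i]`. The enclosing CxPolicy rule starts outside the hunk.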
diff --git a/assets/queries/k8s/kubelet_server_periodic_certificate_switch_disabled/test/positive_expected_result.json b/assets/queries/k8s/kubelet_server_periodic_certificate_switch_disabled/test/positive_expected_result.json
deleted file mode 100644
index 6d48e121f3e..00000000000
--- a/assets/queries/k8s/kubelet_server_periodic_certificate_switch_disabled/test/positive_expected_result.json
+++ /dev/null
@@ -1,20 +0,0 @@
-[
-  {
-    "queryName": "Kubelet Server Periodic Certificate Switch Disabled",
-    "severity": "MEDIUM",
-    "line": 8,
-    "filename": "positive1.yaml"
-  },
-  {
-    "queryName": "Kubelet Server Periodic Certificate Switch Disabled",
-    "severity": "MEDIUM",
-    "line": 11,
-    "filename": "positive2.yaml"
-  },
-  {
-    "queryName": "Kubelet Server Periodic Certificate Switch Disabled",
-    "severity": "MEDIUM",
-    "line": 8,
-    "filename": "positive3.json"
-  }
-]
diff --git a/assets/queries/k8s/kubelet_server_periodic_certificate_switch_disabled/metadata.json b/assets/queries/k8s/rotate_kubelet_server_certificate_not_active/metadata.json
similarity index 64%
rename from assets/queries/k8s/kubelet_server_periodic_certificate_switch_disabled/metadata.json
rename to assets/queries/k8s/rotate_kubelet_server_certificate_not_active/metadata.json
index dbd28c82891..89095752b6e 100644
--- a/assets/queries/k8s/kubelet_server_periodic_certificate_switch_disabled/metadata.json
+++ b/assets/queries/k8s/rotate_kubelet_server_certificate_not_active/metadata.json
@@ -1,9 +1,9 @@
 {
   "id": "1c621b8e-2c6a-44f5-bd6a-fb0fb7ba33e2",
-  "queryName": "Kubelet Server Periodic Certificate Switch Disabled",
+  "queryName": "Rotate Kubelet Server Certificate Not Active",
   "severity": "MEDIUM",
   "category": "Secret Management",
-  "descriptionText": "Kubelet argument RotateKubeletServerCertificate should be true",
+  "descriptionText": "The RotateKubeletServerCertificate argument should be true",
   "descriptionUrl": "https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/",
   "platform": "Kubernetes",
   "descriptionID": "a4f48785"
diff --git a/assets/queries/k8s/kubelet_server_periodic_certificate_switch_disabled/query.rego b/assets/queries/k8s/rotate_kubelet_server_certificate_not_active/query.rego
similarity index 66%
rename from assets/queries/k8s/kubelet_server_periodic_certificate_switch_disabled/query.rego
rename to assets/queries/k8s/rotate_kubelet_server_certificate_not_active/query.rego
index 9d0d819cb34..0986e37bb27 100644
--- a/assets/queries/k8s/kubelet_server_periodic_certificate_switch_disabled/query.rego
+++ b/assets/queries/k8s/rotate_kubelet_server_certificate_not_active/query.rego
@@ -3,19 +3,23 @@ package Cx
 import data.generic.common as common_lib
 import data.generic.k8s as k8sLib
 
+commandList = {"kubelet", "kube-controller-manager"}
+
 CxPolicy[result] {
 	resource := input.document[i]
+	metadata := resource.metadata
 	specInfo := k8sLib.getSpecInfo(resource)
 	types := {"initContainers", "containers"}
 	container := specInfo.spec[types[x]][j]
 
-	command := "kubelet"
+	command := commandList[_]
 	common_lib.inArray(container.command, command)
-	k8sLib.hasFlag(container, "--feature-gates=RotateKubeletServerCertificate=false")
+	k8sLib.startWithFlag(container,"--feature-gates=")
+	contains_feature(container, "RotateKubeletServerCertificate=false")
 
 	result := {
 		"documentId": input.document[i].id,
-		"searchKey": sprintf("spec.command", []),
+		"searchKey": sprintf("metadata.name={{%s}}.%s.%s.name={{%s}}.command", [metadata.name, specInfo.path, types[x], container.name]),
 		"issueType": "IncorrectValue",
 		"keyExpectedValue": "--feature-gates=RotateKubeletServerCertificate flag to be true",
 		"keyActualValue": "--feature-gates=RotateKubeletServerCertificate flag is false",
@@ -37,3 +41,14 @@ CxPolicy[result] {
 		"keyActualValue": "RotateKubeletServerCertificate is false",
 	}
 }
+
+
+contains_feature(container, feature){
+	contains_in_array(container.command, feature)
+} else {
+	contains_in_array(container.args, feature)
+}
+
+contains_in_array(arr, item) {
+	contains(arr[_], item)
+}
diff --git a/assets/queries/k8s/kubelet_server_periodic_certificate_switch_disabled/test/negative1.yaml b/assets/queries/k8s/rotate_kubelet_server_certificate_not_active/test/negative1.yaml
similarity index 100%
rename from assets/queries/k8s/kubelet_server_periodic_certificate_switch_disabled/test/negative1.yaml
rename to assets/queries/k8s/rotate_kubelet_server_certificate_not_active/test/negative1.yaml
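Review bot: `k8sLib.startWithFlag(container,"--feature-gates=")` only recognises the `--feature-gates=<gates>` spelling, so a manifest that passes the flag and its value as two list elements (`"--feature-gates", "RotateKubeletServerCertificate=false"`) still satisfies `contains_feature` but not this guard, and the disabled gate goes unreported; if startWithFlag is a plain prefix match (its implementation is not in this diff), dropping the trailing `=`, `k8sLib.startWithFlag(container, "--feature-gates")`, would cover both spellings. Separately, the searchKey always ends in `.command` even when `contains_feature` found the gate in `container.args`; positive4.yaml is exactly that case, and its expected line 11 is the `command:` line rather than the `args:` line that actually carries the value, so the reported location sits one line above the offending flag. The CxPolicy rule's closing brace is outside the hunk.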
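Review bot: `contains_in_array` is a substring test (`contains(arr[_], item)`), so `contains_feature` fires on the gate text anywhere inside any element of `command` or `args`, not only inside the `--feature-gates=` value, and it is not tied to the element that the caller's `startWithFlag` check matched; a short comment would make that deliberate, e.g. `# substring match: the gate may appear anywhere in a comma-separated --feature-gates list, in command or args`. On style, `contains_feature(container, feature){` lacks the space before `{` that the sibling `contains_in_array(arr, item) {` has, and `opa fmt` would normalise it to `contains_feature(container, feature) {`. The two closing braces at the top of the hunk belong to a second CxPolicy rule whose body starts outside the hunk.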
diff --git a/assets/queries/k8s/kubelet_server_periodic_certificate_switch_disabled/test/negative2.yaml b/assets/queries/k8s/rotate_kubelet_server_certificate_not_active/test/negative2.yaml
similarity index 100%
rename from assets/queries/k8s/kubelet_server_periodic_certificate_switch_disabled/test/negative2.yaml
rename to assets/queries/k8s/rotate_kubelet_server_certificate_not_active/test/negative2.yaml
diff --git a/assets/queries/k8s/kubelet_server_periodic_certificate_switch_disabled/test/negative3.yaml b/assets/queries/k8s/rotate_kubelet_server_certificate_not_active/test/negative3.yaml
similarity index 100%
rename from assets/queries/k8s/kubelet_server_periodic_certificate_switch_disabled/test/negative3.yaml
rename to assets/queries/k8s/rotate_kubelet_server_certificate_not_active/test/negative3.yaml
diff --git a/assets/queries/k8s/kubelet_server_periodic_certificate_switch_disabled/test/negative4.yaml b/assets/queries/k8s/rotate_kubelet_server_certificate_not_active/test/negative4.yaml
similarity index 100%
rename from assets/queries/k8s/kubelet_server_periodic_certificate_switch_disabled/test/negative4.yaml
rename to assets/queries/k8s/rotate_kubelet_server_certificate_not_active/test/negative4.yaml
diff --git a/assets/queries/k8s/kubelet_server_periodic_certificate_switch_disabled/test/negative5.json b/assets/queries/k8s/rotate_kubelet_server_certificate_not_active/test/negative5.json
similarity index 100%
rename from assets/queries/k8s/kubelet_server_periodic_certificate_switch_disabled/test/negative5.json
rename to assets/queries/k8s/rotate_kubelet_server_certificate_not_active/test/negative5.json
diff --git a/assets/queries/k8s/kubelet_server_periodic_certificate_switch_disabled/test/negative6.json b/assets/queries/k8s/rotate_kubelet_server_certificate_not_active/test/negative6.json
similarity index 100%
rename from assets/queries/k8s/kubelet_server_periodic_certificate_switch_disabled/test/negative6.json
rename to assets/queries/k8s/rotate_kubelet_server_certificate_not_active/test/negative6.json
diff --git a/assets/queries/k8s/kubelet_server_periodic_certificate_switch_disabled/test/positive1.yaml b/assets/queries/k8s/rotate_kubelet_server_certificate_not_active/test/positive1.yaml
similarity index 100%
rename from assets/queries/k8s/kubelet_server_periodic_certificate_switch_disabled/test/positive1.yaml
rename to assets/queries/k8s/rotate_kubelet_server_certificate_not_active/test/positive1.yaml
diff --git a/assets/queries/k8s/kubelet_server_periodic_certificate_switch_disabled/test/positive2.yaml b/assets/queries/k8s/rotate_kubelet_server_certificate_not_active/test/positive2.yaml
similarity index 100%
rename from assets/queries/k8s/kubelet_server_periodic_certificate_switch_disabled/test/positive2.yaml
rename to assets/queries/k8s/rotate_kubelet_server_certificate_not_active/test/positive2.yaml
diff --git a/assets/queries/k8s/kubelet_server_periodic_certificate_switch_disabled/test/positive3.json b/assets/queries/k8s/rotate_kubelet_server_certificate_not_active/test/positive3.json
similarity index 100%
rename from assets/queries/k8s/kubelet_server_periodic_certificate_switch_disabled/test/positive3.json
rename to assets/queries/k8s/rotate_kubelet_server_certificate_not_active/test/positive3.json
diff --git a/assets/queries/k8s/rotate_kubelet_server_certificate_not_active/test/positive4.yaml b/assets/queries/k8s/rotate_kubelet_server_certificate_not_active/test/positive4.yaml
new file mode 100644
index 00000000000..f09cbb6e5ce
--- /dev/null
+++ b/assets/queries/k8s/rotate_kubelet_server_certificate_not_active/test/positive4.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: command-demo
+  labels:
+    purpose: demonstrate-command
+spec:
+  containers:
+  - name: command-demo-container7
+    image: gcr.io/google_containers/kube-apiserver-amd64:v1.6.0
+    command: ["kube-controller-manager"]
+    args: ["--feature-gates=RotateKubeletServerCertificate=false"]
+  restartPolicy: OnFailure
diff --git a/assets/queries/k8s/rotate_kubelet_server_certificate_not_active/test/positive_expected_result.json b/assets/queries/k8s/rotate_kubelet_server_certificate_not_active/test/positive_expected_result.json
new file mode 100644
index 00000000000..a1169399df7
--- /dev/null
+++ b/assets/queries/k8s/rotate_kubelet_server_certificate_not_active/test/positive_expected_result.json
@@ -0,0 +1,25 @@
+[
+  {
+    "queryName": "Rotate Kubelet Server Certificate Not Active",
+    "severity": "MEDIUM",
+    "line": 8,
+    "filename": "positive1.yaml"
+  },
+  {
+    "queryName": "Rotate Kubelet Server Certificate Not Active",
+    "severity": "MEDIUM",
+    "line": 11,
+    "filename": "positive2.yaml"
+  },
+  {
+    "queryName": "Rotate Kubelet Server Certificate Not Active",
+    "severity": "MEDIUM",
+    "line": 8,
+    "filename": "positive3.json"
+  },{
+    "queryName": "Rotate Kubelet Server Certificate Not Active",
+    "severity": "MEDIUM",
+    "line": 11,
+    "filename": "positive4.yaml"
+  }
+]
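Review bot: The fixture's image is `gcr.io/google_containers/kube-apiserver-amd64:v1.6.0` while the command under test is `kube-controller-manager`; the query keys on `command` only, so the new commandList entry is still exercised, but a matching image name, or a one-line comment such as `# image is irrelevant to the query; only command/args are inspected`, would save a reader from wondering whether an apiserver case was intended. This fixture is also the only positive where the gate lives in `args` rather than `command`, which is worth stating in a comment since that path goes through the `else` branch of `contains_feature`.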
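Review bot: The fourth entry in positive_expected_result.json is joined to the third as `},{` on one line, unlike the three sibling entries, which each close with `},` and open `{` on its own line; keeping the same layout, `},` followed by `{` on the next line, makes the fixture consistent and keeps future diffs to this list one entry per hunk.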