diff --git a/x-pack/plugins/cloud_security_posture/common/schemas/csp_configuration.ts b/x-pack/plugins/cloud_security_posture/common/schemas/csp_configuration.ts
index f5d38e938e2cc..a796ace382d13 100644
--- a/x-pack/plugins/cloud_security_posture/common/schemas/csp_configuration.ts
+++ b/x-pack/plugins/cloud_security_posture/common/schemas/csp_configuration.ts
@@ -7,8 +7,10 @@
 import { schema as rt, TypeOf } from '@kbn/config-schema';
 
 export const cspRulesConfigSchema = rt.object({
-  activated_rules: rt.object({
-    cis_k8s: rt.arrayOf(rt.string()),
+  data_yaml: rt.object({
+    activated_rules: rt.object({
+      cis_k8s: rt.arrayOf(rt.string()),
+    }),
   }),
 });
 
diff --git a/x-pack/plugins/cloud_security_posture/server/routes/configuration/update_rules_configuration.test.ts b/x-pack/plugins/cloud_security_posture/server/routes/configuration/update_rules_configuration.test.ts
index 27dcd3cee6703..d0326fb037b60 100644
--- a/x-pack/plugins/cloud_security_posture/server/routes/configuration/update_rules_configuration.test.ts
+++ b/x-pack/plugins/cloud_security_posture/server/routes/configuration/update_rules_configuration.test.ts
@@ -13,7 +13,6 @@ import {
   httpServerMock,
 } from '@kbn/core/server/mocks';
 import {
-  convertRulesConfigToYaml,
   createRulesConfig,
   defineUpdateRulesConfigRoute,
   getCspRules,
@@ -144,7 +143,9 @@ describe('Update rules configuration API', () => {
       ],
     } as unknown as SavedObjectsFindResponse<CspRuleSchema>;
     const cspConfig = await createRulesConfig(cspRules);
-    expect(cspConfig).toMatchObject({ activated_rules: { cis_k8s: ['cis_1_1_1', 'cis_1_1_3'] } });
+    expect(cspConfig).toMatchObject({
+      data_yaml: { activated_rules: { cis_k8s: ['cis_1_1_1', 'cis_1_1_3'] } },
+    });
   });
 
   it('create empty csp rules config when all rules are disabled', async () => {
@@ -169,21 +170,13 @@ describe('Update rules configuration API', () => {
       ],
     } as unknown as SavedObjectsFindResponse<CspRuleSchema>;
     const cspConfig = await createRulesConfig(cspRules);
-    expect(cspConfig).toMatchObject({ activated_rules: { cis_k8s: [] } });
-  });
-
-  it('validate converting rules config object to Yaml', async () => {
-    const cspRuleConfig = { activated_rules: { cis_k8s: ['1.1.1', '1.1.2'] } };
-
-    const dataYaml = convertRulesConfigToYaml(cspRuleConfig);
-
-    expect(dataYaml).toEqual('activated_rules:\n  cis_k8s:\n    - 1.1.1\n    - 1.1.2\n');
+    expect(cspConfig).toMatchObject({ data_yaml: { activated_rules: { cis_k8s: [] } } });
   });
 
   it('validate adding new data.yaml to package policy instance', async () => {
     const packagePolicy = createPackagePolicyMock();
 
-    const dataYaml = 'activated_rules:\n  cis_k8s:\n    - 1.1.1\n    - 1.1.2\n';
+    const dataYaml = 'data_yaml:\n  activated_rules:\n  cis_k8s:\n    - 1.1.1\n    - 1.1.2\n';
     const updatedPackagePolicy = setVarToPackagePolicy(packagePolicy, dataYaml);
 
     expect(updatedPackagePolicy.vars).toEqual({ dataYaml: { type: 'config', value: dataYaml } });
diff --git a/x-pack/plugins/cloud_security_posture/server/routes/configuration/update_rules_configuration.ts b/x-pack/plugins/cloud_security_posture/server/routes/configuration/update_rules_configuration.ts
index 21587394d51e8..72c19fd5e37dd 100644
--- a/x-pack/plugins/cloud_security_posture/server/routes/configuration/update_rules_configuration.ts
+++ b/x-pack/plugins/cloud_security_posture/server/routes/configuration/update_rules_configuration.ts
@@ -66,8 +66,10 @@ export const createRulesConfig = (
 ): CspRulesConfigSchema => {
   const activatedRules = cspRules.saved_objects.filter((cspRule) => cspRule.attributes.enabled);
   const config = {
-    activated_rules: {
-      cis_k8s: activatedRules.map((activatedRule) => activatedRule.attributes.rego_rule_id),
+    data_yaml: {
+      activated_rules: {
+        cis_k8s: activatedRules.map((activatedRule) => activatedRule.attributes.rego_rule_id),
+      },
     },
   };
   return config;