diff --git a/defaults/main.yml b/defaults/main.yml
index e047f499..db879485 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -278,3 +278,6 @@ os_auditd_max_log_file_action: keep_logs
 os_selinux_state: enforcing
 # Set the SELinux polixy.
 os_selinux_policy: targeted
+
+hidepid_option: '2' # allowed values: 0, 1, 2
+proc_mnt_options: 'rw,nosuid,nodev,noexec,relatime,hidepid={{ hidepid_option }}'
diff --git a/vars/main.yml b/vars/main.yml
index a246c20f..7c8a1164 100644
--- a/vars/main.yml
+++ b/vars/main.yml
@@ -109,6 +109,3 @@ os_security_suid_sgid_system_whitelist:
 
 # system accounts that do not get their login disabled and pasword changed
 os_always_ignore_users: ['root', 'sync', 'shutdown', 'halt']
-
-hidepid_option: '2' # allowed values: 0, 1, 2
-proc_mnt_options: 'rw,nosuid,nodev,noexec,relatime,hidepid={{ hidepid_option }}'