Policy Types

Kyverno offers multiple policy types.

ClusterPolicy

A ClusterPolicy defines rules to validate, mutate, generate resources and verify images. A ClusterPolicy is a cluster-wider resource. The namespaced Policy type provides the same functions for a single Namespace.

Cleanup Policy

Cleanup Policy deletes Kubernetes resources based on policy conditions.

ValidatingPolicy

A ValidatingPolicy validates Kubernetes resource or JSON payloads.

ImageValidatingPolicy

An ImageValidatingPolicy validates image signatures and attestations.

Feedback

Was this page helpful?

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.

Last modified March 23, 2025 at 6:26 PM PST: rename dir (#1493) (010ba3f)