ClusterPolicy
Validate, mutate, generate resources; verify image signatures and attestations.
Kyverno offers multiple policy types decribed below. Kyverno’s mission is to be the best policy engine for Kubernetes, and allow applying Kubernetes style policies everywhere. As Kubernetes has evolved, Kyverno is also evolving its APIs. The Kyverno ValidatingPolicy and ImageValidatingPolicy types were introduced in v1.15 (July 2025), and MutatingPolicy, GeneratingPolicy, and DeletingPolicy were added in v1.15 (July 2025).
Validate, mutate, generate resources; verify image signatures and attestations.
Delete matching resources based on a schedule
Validate Kubernetes resources or JSON payloads
Verify container image signatures and attestations
Mutate new or existing resources
Create or clone resources based on flexible triggers
Deletes matching resources based on a schedule
Extended CEL functions for complex policy logic and advanced features
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.