Common configuration for all rules in a policy.
Identifying and filtering resources for policy evaluation.
Check resources configurations for policy compliance.
Modify resource configurations during admission or retroactively against existing resources.
Create new Kubernetes resources based on a policy and optionally keep them in sync.
Check container image signatures and attestations for software supply chain security.
Remove Kubernetes resources.
Create an exception to an existing policy using a PolicyException.
Defining and using variables in policies from multiple sources.
Fetch data from ConfigMaps, the Kubernetes API server, other cluster services, and image registries for use in Kyverno policies.
Automatically generate rules for Pod controllers.
Fine-grained control of policy rule execution based on variables and expressions.
The JSON query language behind Kyverno.
Tips and tricks for writing more effective policy.
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.