Common configuration for all rules in a policy.
exclude to filter and select resources.
Modify resource configurations.
Check image signatures and add digests
Check resource configurations for policy compliance.
Create additional resources based on resource creation or updates.
Data-driven policies for reuse and intelligent decision making
Use data from ConfigMaps, the Kubernetes API server, and image registries in Kyverno policies.
Control policy rule execution based on variables.
Automatically generate rules for Pod controllers.
Manage applying policies to existing resources in a cluster.
Tips and tricks for writing more effective policy.
The JSON query language behind Kyverno.