Kyverno policies are Kubernetes resources and there is no new language to learn. Kyverno can block insecure and non-compliant configurations during admission controls, report violations, and automate resource generation using dynamic triggers.
In complex systems, policies drive autonomy and alignment across roles. Kubernetes policies establish a digital contract across developers and operations teams. The Nirmata platform provides a unified Kubernetes management plane, and Kyverno started life as a module in the platform. Kyverno was moved into the Kubernetes control plane once custom resource definitions and admission control webhooks were supported by Kubernetes.
To make it easy to secure and manage any Kubernetes cluster, Nirmata open sourced Kyverno under an Apache v2 license, and donated Kyverno to the CNCF in November of 2020. Nirmata continues to build the community and grow Kyverno by developing new features and capabilities.
Benefits of Kyverno
Kyverno, a Kubernetes-native policy engine, solves several common problems with managing Kubernetes clusters at scale and enables clear separation of concerns across developers and operators.
Learning a complex new language is not required. Like native resources, Kyverno policies are declarative and since Kyverno is focused on Kubernetes it leverages Kubernetes patterns and best practices and hence is intuitive to use.
Kyverno makes Kubernetes secure by default and provides a more flexible alternative for pod security. When applied with other Policy-as-Code best practices, Kyverno helps enable secure self-service for developers to drive agility and increase productivity.
Nirmata Enterprise Subscription for Kyverno
SLA-based production support. Get support from the creators and the maintainers of Kyverno. Our range of support services can help organizations reduce the complexity and empower DevSecOps teams with the ability to scale and adapt their Cloud Native environments and applications while maintaining security, compliance and operational readiness.
Training on best practices and policy development, security and compliance. Get hands-on training on how best to leverage Kyverno, and also help to jumpstart policy development for your deployment.
Curated policy Sets. Obtain curated sets of Kubernetes policies for security and best practices compliance, tested with a matrix of supported Kubernetes releases.