Created by Nirmata and now a CNCF incubating project with over 2.4 billion downloads, Kyverno for Kubernetes policy enforcement and management for DevOps teams has become the de facto solution today. Why Kyverno? Read on!
Purpose built for Kubernetes, Kyverno works on any Kubernetes resource and not just Pods
Unlike other policy managers, policies are written as YAML and work like Kubernetes manifests - Kyverno makes policy updates easy
A Kyverno policy written for Pods applies automatically to all known Kubernetes Pod controllers - helping you automatically enforce policies on Deployments and StatefulSets
Kyverno has a library of ready-to-use policies for a wide array of usage on various Kubernetes and ecosystem resources and subjects
With Kyverno, easily test resources against a given set of policies to see how they'll react in a CI/CD pipeline, long before they hit an actual cluster
Kyverno's all-in-one policy report tool gives you graphical dashboards, alerts, and more
Kyverno offers backward compatibility to Kubernetes 1.16 to deliver pod security standards consistently and across versions
Kyverno can validate both container image signatures and any attestation statement without requiring complex bolt-on approaches - giving you immediate security in your supply chain delivery pipelines
With over 2.4 billion downloads, Kyverno is the most-preferred Kubernetes policy engine on GitHub
Kyverno is a game-changer for Platform Engineering teams by providing a powerful platform to create and manage Kubernetes policies. With Kyverno, teams can effortlessly validate, mutate, and generate Kubernetes resources, ensuring security, compliance, and reliability in their deployments. Moreover, Kyverno strengthens security by enabling the verification of container images within the software supply chain. Kyverno’s all-in-one solution streamlines the DevSecOps workflow, enhancing efficiency and confidence in Kubernetes operations while promoting best practices in security and compliance!
Chip Zoller, Kyverno Maintainer