Writing Policies

Create policies which can validate, mutate, and generate resources as well as perform verification of container images.

Policy Settings

Common configuration for all rules in a policy.

Select Resources

Use match and exclude to filter and select resources.

Mutate Resources

Modify resource configurations.

Verify Images

Check image signatures and add digests.

Validate Resources

Check resource configurations for policy compliance.

Generate Resources

Create additional resources based on resource creation or updates.

Exceptions

Create an exception to an existing policy using a PolicyException.

Cleanup

Automate the resource cleanup process by using a CleanupPolicy.

Variables

Data-driven policies for reuse and intelligent decision making.

External Data Sources

Use data from ConfigMaps, the Kubernetes API server, and image registries in Kyverno policies.

Preconditions

Control policy rule execution based on variables.

Auto-Gen Rules for Pod Controllers

Automatically generate rules for Pod controllers.

Background Scans

Manage applying policies to existing resources in a cluster.

Tips & Tricks

Tips and tricks for writing more effective policy.

JMESPath

The JSON query language behind Kyverno.

Last modified February 19, 2022 at 10:24 AM PST: [main] 1.6 updates (#477) (bc4c364)