Search results for: kyverno

Kyverno completes fuzzing security audit

Posted on September 12, 2023 | By Adam Korczynski

Project post originally published on the Kyverno blog by Adam Korczynski Presenting the results from the fuzzing security audit Kyverno, a CNCF policy engine for Kubernetes, is happy to announce the completion of its fuzzing security audit. The…

Verifying images in a private Amazon ECR with Kyverno and IAM Roles for Service Accounts (IRSA)

Posted on August 29, 2023 | By Shuting Zhao

Community post originally published on GitHub by Shuting Zhao, a maintainer of Kyverno When running workloads in Amazon Elastic Kubernetes Service (EKS), it is essential to ensure supply chain security by verifying container image signatures and other metadata….

One-time pass codes for Kyverno

Posted on August 11, 2023

Community post originally published on Neon Mirrors by Chip Zoller In real life, imposed rules often have cases where exceptions may be required but on a case-by-case basis. Policy is really no different here. While prevention of objectively…

Using Kyverno with Pod Security Admission

Posted on July 18, 2023

Guest post originally published on the Kyverno blog by Kyverno Maintainers Using Pod Security Admission with Kyverno for the best of both worlds. Pod Security Admission (PSA) is the built-in successor to Kubernetes PodSecurityPolicy (PSP) and is enabled by default starting…

PodSecurityPolicy migration with Kyverno

Posted on July 12, 2023

Project post originally published on the Kyverno blog As you’ve probably heard, PodSecurityPolicy (PSP) in Kubernetes is no more. After a deprecation beginning in v1.21, they were finally removed in v1.25. Many organizations out there are still relying on PSPs…

Kyverno 1.10 released

Posted on May 31, 2023

Project post originally published on the Kyverno blog Kyverno 1.10 released with featuring separate controllers, external service calls, Notary support, and tons more! The Kyverno team are proud to announce the release of Kyverno 1.10, a minor release…

Kyverno — verify Kubernetes control plane images

Posted on May 1, 2023 | By Charles-Edouard Brétéché

Guest post originally published on Medium by Charles-Edouard Brétéché In this story we are going to deploy a local Kubernetes cluster using kind, then we will deploy Kyverno and use it to verify Kubernetes control plane images signature. What is Kyverno ? Kyverno is an open-source policy engine for Kubernetes that allows you to…

Announcing the Kyverno 1.10 Pre-Release

Posted on April 18, 2023

Project post also on the Nirmata blog by the Kyverno maintainers Kyverno is a policy engine built for Kubernetes that helps secure and automate Kubernetes configurations. In Kubernetes policies are configurations that govern the configuration and runtime behaviors…

Preserving authorship in a GitOps world with Kyverno

Posted on March 17, 2023

Community post originally posted on Neon Mirrors by Chip Zoller It seems just about everyone is doing GitOps in Kubernetes these days. With so many available tools and the maturity of them, it’s hard to avoid it. But…

My first experience with Kyverno: 🤯🤩

Posted on March 7, 2023 | By Mathieu Benoit

Community post originally published on Medium by Mathieu Benoit I wanted (needed?) to give Kyverno a try, to learn more about it. Here we are! When I was attending KubeCon NA 2022, I noticed the maturity and importance of Kyverno. Concrete…