Kyverno 1.17 marks a major milestone in the project’s evolution, significantly expanding the power and flexibility of policy as code for Kubernetes platform teams.In this Cloud Native Live session, Kyverno maintainers will demo and walk through the most impactful features in the 1.17 release, with a strong focus on the continued transition from JMESPath to CEL. With feature parity now achieved—and exceeded—CEL policies gain access to powerful new capabilities including x509 certificate decoding, YAML and JSON string deserialization, cryptographic hashing (SHA-1, SHA-256, MD5), and time-based functions such as time.now() for time-since evaluations. These enhancements unlock more expressive, maintainable, and future-proof policies across validating, mutating, generating, and image validation use cases.The release also introduces an API version bump for all CEL policy types, along with long-requested support for namespaced mutating and generating policies, giving teams finer-grained control and safer multi-tenant operations. In addition, Kyverno now supports using CEL expressions to dynamically select mutating policy targets—enabling advanced scenarios such as mutating all ConfigMaps within the triggering resource’s namespace.Looking ahead, the session will also preview features targeted for Kyverno 1.17, including improved policy reporting controls via the new –allowedResults flag and upcoming support for Cosign v3 in image validation policies, further strengthening Kubernetes supply chain security.Whether you’re already using Kyverno or exploring policy as code for the first time, this session will show how Kyverno 1.17 empowers platform engineers to write smarter, safer, and more scalable policies for modern cloud native environments.