The need for speed: optimizing Kyverno’s performance
Member post originally published on Nirmata’s blog by Jim Bugwadia and Khaled Emara About Kyverno Kyverno is a policy engine designed for Kubernetes and cloud native workloads. Policies can be managed as Kubernetes resources, and no…
Kyverno completes third-party security audit
Member post originally published on Kyverno’s blog by Kyverno maintainers The Kyverno project is pleased to announce the completion of its third-party security audit. The audit was conducted by Ada Logics in collaboration with the Kyverno maintainers, the Open…
Member post originally published on Nirmata’s blog by Shuting Zhao The Kyverno team is delighted to share a new Kyverno release, v1.11! This release marks a significant milestone for Kyverno, with an extensive development period of…
Kyverno expands beyond Kubernetes
Project post by Kyverno maintainers Kyverno, the open-source policy engine originally built for Kubernetes, is pleased to announce support for non-Kubernetes workloads, by supporting policies that operate on JSON payloads. Due to its simplicity and wide…
Kyverno completes fuzzing security audit
Project post originally published on the Kyverno blog by Adam Korczynski Presenting the results from the fuzzing security audit Kyverno, a CNCF policy engine for Kubernetes, is happy to announce the completion of its fuzzing security…
Cloud Native Live: Kubernetes policy as code with Kyverno
Kyverno is a policy engine designed for Kubernetes which uses Kubernetes APIs for policy declarations, reporting, and exceptions. In this session, Kyverno maintainers Chip and Jim will discuss why policy as code is important for Kubernetes…
CNCF On demand webinar: Managing policy exceptions in Kubernetes using Kyverno
This webinar will demonstrate how policy exceptions can be used with Kyverno. Kyverno is a popular Kubernetes-native policy engine. Occasionally, workloads need to be exempted from policy enforcement. Kyverno allows this by configuring policy exceptions.
Verifying images in a private Amazon ECR with Kyverno and IAM Roles for Service Accounts (IRSA)
Community post originally published on GitHub by Shuting Zhao, a maintainer of Kyverno When running workloads in Amazon Elastic Kubernetes Service (EKS), it is essential to ensure supply chain security by verifying container image signatures and…
One-time pass codes for Kyverno
Community post originally published on Neon Mirrors by Chip Zoller In real life, imposed rules often have cases where exceptions may be required but on a case-by-case basis. Policy is really no different here. While prevention…
Using Kyverno with Pod Security Admission
Guest post originally published on the Kyverno blog by Kyverno Maintainers Using Pod Security Admission with Kyverno for the best of both worlds. Pod Security Admission (PSA) is the built-in successor to Kubernetes PodSecurityPolicy (PSP) and is enabled by…