Kubernetes Native Policy Management

Kyverno is a policy engine designed for Kubernetes

Policies are managed as Kubernetes resources and no new language is required to write policies.

This allows using familiar tools such as kubectl, git, and kustomize to manage policies.

Kyverno policies can validate, mutate, generate, and cleanup Kubernetes resources, and verify image signatures and artifacts to help secure the software supply chain.

The Kyverno CLI can be used to test policies and validate resources as part of a CI/CD pipeline.

Join our community

Interested in learning and contributing?

Sign up on our mailing list or the Kyverno channel on Kubernetes Slack for discussions, and join our next community meeting. Check out the community page for more details.

Go Report Card License: Apache-2.0 GitHub Repo stars CII Best Practices

Kyverno is a CNCF Incubating Project

The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see Trademark Usage.