Writing Policies

Create custom policy rules to validate, mutate, and generate configurations.

Policy Structure

Learn how Kyverno policies and rules work.

Selecting Resources

Use match and exclude to filter and select resources.

Validating Resources

Check resource configurations for policy compliance.

Mutating Resources

Modify resources during admission control.

Generate Resources

Create additional resources based on resource creation or updates.

Variables and External Data Sources

Use request data, ConfigMaps, and built-in variables in policy rules.

Preconditions

Control policy rule execution based on variables.

Auto-Gen Rules for Pod Controllers

Automatically generate rules for Pod controllers.

Background Scans

Manage applying policies to existing resources in a cluster.

Tips & Tricks

Tips and tricks for writing more effective policy.