All Policies

Require Annotations

Define and use annotations that identify semantic attributes of your application or Deployment. A common set of annotations allows tools to work collaboratively, describing objects in a common manner that all tools can understand. The recommended annotations describe applications in a way that can be queried. This policy validates that the annotation `corp.org/department` is specified with some value.

Policy Definition

/other/require-annotations/require-annotations.yaml

 1apiVersion: kyverno.io/v1
 2kind: ClusterPolicy
 3metadata:
 4  name: require-annotations
 5  annotations:
 6    policies.kyverno.io/title: Require Annotations
 7    policies.kyverno.io/category: Other
 8    policies.kyverno.io/severity: medium
 9    policies.kyverno.io/subject: Pod, Annotation
10    policies.kyverno.io/description: >-
11      Define and use annotations that identify semantic attributes of your application or Deployment.
12      A common set of annotations allows tools to work collaboratively, describing objects in a common manner that
13      all tools can understand. The recommended annotations describe applications in a way that can be
14      queried. This policy validates that the annotation `corp.org/department` is specified with some value.            
15spec:
16  validationFailureAction: audit
17  background: true
18  rules:
19  - name: check-for-annotation
20    match:
21      any:
22      - resources:
23          kinds:
24          - Pod
25    validate:
26      message: "The annotation `corp.org/department` is required."
27      pattern:
28        metadata:
29          annotations:
30            corp.org/department: "?*"