Automating EKS CIS Compliance with Kyverno and KubeBench
Wednesday, June 11, 2025 in General
Introduction: The Challenge of EKS Compliance at Scale Maintaining CIS Benchmarks compliance for Amazon EKS across multiple clusters is a common challenge in cloud native environments. Traditional manual approaches don’t scale, and existing …
Announcing Kyverno Release 1.14!
Friday, April 25, 2025 in Releases
We are excited to announce the release of Kyverno 1.14.0, marking a significant milestone in our journey to make policy management more modular, streamlined, and powerful. This release introduces two new policy types - ValidatingPolicy and …
Announcing Kyverno Release 1.13!
Wednesday, October 30, 2024 in Releases
Kyverno 1.13 contains over 700 changes from 39 contributors! In this blog, we will highlight some of the major changes and enhancements for the release. Major Features Sigstore Bundle Verification Kyverno 1.13 introduces support for verifying …
Kyverno-Envoy-Plugin - Kyverno policies based authorization plugin for Envoy
Tuesday, June 04, 2024 in General
Microservices enhance the productivity of individual development teams by dividing applications into smaller, independent components. However, microservices alone do not address longstanding challenges in distributed systems such as authentication …
Kyverno Reports Server - The ultimate solution to scale reporting
Wednesday, May 29, 2024 in General
Introduction Policy Reports are used by Kyverno to store the result of policies and cluster policies that match a resource. Kyverno generates reports during admission request as well as periodically as background scans. They are very helpful in …
Kyverno 1.12 Released
Friday, April 26, 2024 in Releases
The Kyverno team is thrilled to announce the launch of version 1.12 hot on the heels of KubeCon EU 2024. Our interactions with Kyverno users during the conference have been incredibly insightful, with many expressing eager anticipation for the …
Generating Kubernetes ValidatingAdmissionPolicies from Kyverno Policies
Monday, February 26, 2024 in General
In the previous blog post, we discussed writing Common Expression Language (CEL) expressions in Kyverno policies for resource validation. CEL was first introduced to Kubernetes for the Validation rules for CustomResourceDefinitions, and then it was …
Assigning Node Metadata to Pods
Monday, February 19, 2024 in General
If you’re running Kubernetes in production, especially in a public cloud, where a single cluster may span multiple availability zones, chances are you’re configuring workloads with some awareness of your topology. Kubernetes has a few …
Kyverno Chainsaw 0.1.4 - Awesome new features!
Thursday, February 15, 2024 in General
The latest release of Kyverno Chainsaw came out yesterday. Let’s look at the new features included in this release. Resource diff in assertion failures Resource templating support Resource diff in assertion failures This is a relatively …
Securing Services Meshes Easier with Kyverno
Sunday, February 04, 2024 in General
Service meshes are all too common these days in Kubernetes with some platforms even building them into clusters by default. Service meshes are no doubt useful in a variety of ways which are well known, but it’s also well known they dramatically …