Public code for LFS255 Mastering Kubernetes Security with Kyverno
This repository maintains the code used in the labs chapter-wise.
-
Chapter 4: Writing Policies
- Lab 4.1: Writing a Kyverno Policy
-
Chapter 5: Enforcing Policies
- Lab 5.1: Policy Creation on Local Kubernetes Cluster
- Lab 5.3: Working with Variables
-
Chapter 6: Policy Mutations
- Lab 6.1: Mutate Resources Using RFC6902 JSONPatch Method
- Lab 6.2: Mutate Resources Using the Strategic Merge Patch Method
- Lab 6.3: Mutate existing resource using the Kyverno Policy
- Lab 6.4: Using Cascaded Mutations
- Demos
- Policy Mutations Real World Example
- Iterations in a Mutate Rule
- Cascaded Mutation
-
Chapter 7: Policy Validation and Testing
- Lab 7.2: Writing Tests for Validation Policy
- Lab 7.3: Writing Tests for Mutation Policy
-
Chapter 8: Monitoring and Troubleshooting
- Lab 8.2: Setting up Prometheus and Viewing Kyverno-Related Alerts
-
Chapter 9: Reporting in Kyverno
- Lab 9.2: Install Policy Reporter and Configure Custom Webhook
-
Chapter 10: Securing Kyverno
- Lab 10.1: Configure Read-Only Access to Policies
- Lab 10.2: Configure Network Policy in Kyverno
- Lab 10.3: Encrypt Kyverno Communications
-
Chapter 11: Integration and Extensibility
- Lab 11.1: Integrate Kyverno with CI/CD Pipeline
- Lab 11.2: Integrate Kyverno with GitOps Workflow
- Lab 11.3: Integrate Kyverno with the Security Scanner
-
Chapter 12: Multi-Cluster Policy Management
- Lab 12.1: Sync Kyverno Policies Across Multiple Clusters
Note: This repository contains only those chapters and its labs that have configuration files.