
Public code for LFS255 Mastering Kubernetes Security with Kyverno

Primary LanguagePython


Public code for LFS255 Mastering Kubernetes Security with Kyverno

This repository maintains the code used in the labs chapter-wise.

  • Chapter 4: Writing Policies

    • Lab 4.1: Writing a Kyverno Policy
  • Chapter 5: Enforcing Policies

    • Lab 5.1: Policy Creation on Local Kubernetes Cluster
    • Lab 5.3: Working with Variables
  • Chapter 6: Policy Mutations

    • Lab 6.1: Mutate Resources Using RFC6902 JSONPatch Method
    • Lab 6.2: Mutate Resources Using the Strategic Merge Patch Method
    • Lab 6.3: Mutate existing resource using the Kyverno Policy
    • Lab 6.4: Using Cascaded Mutations
    • Demos
      • Policy Mutations Real World Example
      • Iterations in a Mutate Rule
      • Cascaded Mutation
  • Chapter 7: Policy Validation and Testing

    • Lab 7.2: Writing Tests for Validation Policy
    • Lab 7.3: Writing Tests for Mutation Policy
  • Chapter 8: Monitoring and Troubleshooting

    • Lab 8.2: Setting up Prometheus and Viewing Kyverno-Related Alerts
  • Chapter 9: Reporting in Kyverno

    • Lab 9.2: Install Policy Reporter and Configure Custom Webhook
  • Chapter 10: Securing Kyverno

    • Lab 10.1: Configure Read-Only Access to Policies
    • Lab 10.2: Configure Network Policy in Kyverno
    • Lab 10.3: Encrypt Kyverno Communications
  • Chapter 11: Integration and Extensibility

    • Lab 11.1: Integrate Kyverno with CI/CD Pipeline
    • Lab 11.2: Integrate Kyverno with GitOps Workflow
    • Lab 11.3: Integrate Kyverno with the Security Scanner
  • Chapter 12: Multi-Cluster Policy Management

    • Lab 12.1: Sync Kyverno Policies Across Multiple Clusters

Note: This repository contains only those chapters and its labs that have configuration files.