Skip to main content

Overview of Creating Cluster Policies

< overview | cluster policy create workflow

Creating a cluster policy involves several sections which you must follow in order. Key points for each section are described below:

Cluster Policy Create Details

Details

  • Identification and Description: Use clear and concise names and descriptions to help your team quickly grasp the policy's purpose and configuration.
  • Type: We use Kyverno as the policy engine. It enables the validation, mutation, and generation of Kubernetes resources based on your custom policies.

View configuration steps >


Scope

Scoping a cluster policy offers these benefits:

  • Workspaces: Scope policies to specific developer workspaces to address their unique requirements.
  • Stages: Ensure consistent security across clusters within a stage such as production and non-production.
  • Labels: Use cluster labels for fine-grained policy application.

View configuration steps >


Policy Settings

Provide the YAML of your Kyverno policy, and it will be enforced based on the scope you specified. This enables the implementation of policies that validate, mutate, or generate Kubernetes resources according to your custom requirements. For more information and examples, see Kyverno.

Read more >


Review Configuration Summary

Review a summary of the configuration you've specified and make any amendments as needed.

Read more >


Apply the YAML

View and download the YAML and then apply it using Wayfinder's CLI or via your CI system. Alternatively, you can instruct Wayfinder to apply the YAML immediately.

Read more >



What comes next?