Kyverno 1.16 ups the policy-as-code game for Kubernetes by introducing a beta of CEL-based policies—with partial namespaced support to lock down RBAC to the minimum. You’ll get full metrics and native event generation for CEL policies, so tracking enforcement and troubleshooting just got way easier.
On the security front, fine-grained exceptions let you tailor CEL policy enforcement, and you can now run HTTP authorization checks inside ValidatingPolicy. Plus, say hello to the new Kyverno SDK—built for custom tooling and ecosystem integrations, with more polish coming in 1.17.
Watch on YouTube
Top comments (0)