< img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=3131724&fmt=gif" />

Gatekeeper

Gatekeeper is an admission controller for Kubernetes that allows flexible configuration of policies, leveraging Open Policy Agent (OPA) to validate requests to create and update resources on a Kubernetes cluster.

OPA Gatekeeper Library provides some commonly used security admission policies, including a series of constraint templates nd constraints that can be used with Gatekeeper. Constraint templates can be directly applied to the cluster, and constraints can be used to customize policies to meet your specific needs.

With Gatekeeper, you can flexibly define admission policies to enforce security admission reviews at the cluster level, ensuring the stability and security compliance of Kubernetes clusters.

The main features of Gatekeeper include:

  • Flexibility: Gatekeeper allows users to declaratively define admission policies that apply to selected namespaces and resource types.

  • Programmability: Gatekeeper uses Open Policy Agent (OPA) as the decision engine, enabling complex security policy definitions with Rego.

  • Rollout: Supports gradual implementation of admission policies in a phased manner, thereby mitigating the risk of interrupting workloads.

  • Pre-Release Mechanism: Gatekeeper provides a mechanism to test the impact and scope of security policies before enforcing them.

After installing the Gatekeeper extension, the Gatekeeper menu will be displayed in the left navigation pane of the cluster.

Constraint Templates

Learn how to manage constraint templates.

Create Constraint Templates

Learn how to create a constraint template.

View Constraint Template Details

Learn how to view constraint template details.

Edit Constraint Template Configuration

Learn how to edit constraint template configuration.

Delete Constraint Templates

Learn how to delete a constraint template.

Constraints

Learn how to manage constraints.

Create Constraints

Learn how to create a constraint.

View Constraint List

Learn how to view the constraint list.

View Constraint Details

Learn how to view constraint details.

Edit Constraint Configuration

Learn how to edit constraint configuration.

Delete Constraints

Learn how to delete a constraint.