Nirmata Policy Manager for Kubernetes

Nirmata Policy Manager for Kubernetes Nirmata PMK provides enterprise grade reporting and policy lifecycle management across Kubernetes clusters. Nirmata Policy Manager for Kubernetes is built on Kyverno, a CNCF project created by Nirmata.

Kyverno, as CNCF project created by Nirmata, is a Kubernetes native policy engine that allows defining and managing policies as native Kubernetes resources, without requiring a new language or complex tooling. Kyverno policies can be used for pod security, workload configuration security, automating default configurations, image verification, and a number of other use cases. Every aspect of DevSecOps can be influenced through the use of Policy as Code (PaC) solutions, from version and access controls down to automated testing and deployment. Kyverno ensures workload security, enables self-service security and eliminates configuration errors.

Kyverno allows familiar tools such as kubectl, git, and kustomize to manage policies. Kyverno policies can validate, mutate, and generate Kubernetes resources. More information about Kyverno is available here .

Nirmata’s Policy Manager for Kubernetes provides:

  1. Operational compliance - Curated policy sets for pod security policies, multi-tenancy, Kubernetes best practices compliance. The Kubernetes ecosystem is fast moving, and Nirmata PMK provides peace of mind to DevSecOps teams for operational security and best practices.
  2. Automated Kyverno and Policy Management across clusters and namespaces.
  3. Policy Groups - Ability to group policies by policy type and subscribe those policies across differnt clusters and namespaces.
  4. Policy Reports - Policy Violations Reports at cluster, namespace and application level.
  5. Sharing reports - Ability to share the compliance reports with respectives namespace and cluster owners.
  6. Policy deployment status across clusters.
  7. Policy grade per cluster and namespace.

Nirmata supports upstream Git for policy management across clusters and provides for centralized policy management across Enterprise Kubernetes environment.