Skip to content

cloud-quickstart/acm-policy-controller-library

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

69 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Anthos Config Management – Policy Controller Library

Contents

Background

Policy Controller, part of Anthos Config Management, is a Kubernetes dynamic admission controller that checks, audits, and enforces your clusters' compliance with policies related to security, regulations, or arbitrary business rules.

Policy Controller is based on the open source Open Policy Agent Gatekeeper project. Gatekeeper policies are defined using two separate resource types: Constraints and ConstraintTemplates. Having two distinct resource types allows for separation of policy definition (ConstraintTemplate) from policy enforcement (Constraint).

Policy Controller comes with a library of ConstraintTemplates for common security and compliance controls.

This repository contains sample Constraints which make use of Policy Controller's ConstraintTemplates to demonstrate how you might configure policy enforcement on your own cluster.

Policy Bundles

Anthos Policy Bundles

Anthos Policy Bundles may only be used on an Anthos cluster, including any associated ci/cd use. “Anthos cluster” is defined as “A Cluster (of any kind) registered to a fleet project where the Anthos API is enabled”.

Usage

See Creating constraints

About

Anthos Config Management Policy Controller enforces your clusters' compliance with policies

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published