Kubewarden is a policy engine for Kubernetes. It helps with keeping your Kubernetes clusters secure 🔐 and compliant ✔️
Kubewarden policies can be written using regular programming languages or Domain Specific Languages (DSL).
Policies are compiled into WebAssembly modules that are then distributed using traditional container registries.
If you want more information about the organization of the project, please check the community repository.
Take a look at our documentation 📖 Stay up to date by reading our official blog 📣 and by following us on Twitter.
Get in touch with us on Slack: join the kubewarden channel hosted by the official Kubernetes workspace 👨💻 💬 👩💻
Discover ready to use policies by visiting ArtifactHub 📦
Don't forget to take a look at kwctl, our handy multi-purpose tool for managing policies 🛠️ 🧰
Interested in writing a new policy?
- Checkout the step-by-step tutorials inside of our documentation 📖
- Add
kwctlto your toolbox 🛠️ 🧰 - Pick one of the languages from below
| Language | Project Template | SDK | Validation | Mutation | Maturity |
|---|---|---|---|---|---|
| Rust |  |
|
✔️ | ✔️ | 🔝 |
| Go (TinyGo) | |
|
✔️ | ✔️ | |
| Swift | |
|
✔️ | ✔️ | |
| Rego - Open Policy Agent | |
Rego built-ins | ✔️ | ❌ | 🔝 |
| Rego - Gatekeeper | |
Rego built-ins | ✔️ | ❌ | 🔝 |
| DotNet | ❌ | |
✔️ | ✔️ |
Can't find your favorite language? 🔍 Reach out to us and let's have a chat!
Use these tags to find repositories over all GitHub 🗺️ 🌌
| Purpose | Tag |
|---|---|
| Policy Template | kubewarden-policy-template |
| Policy | kubewarden-policy |
That's fantastic news! 🥳
Other than our policy templates, policy SDKs and policies, we have the following "core" projects:
| Project | Scope | Language |
|---|---|---|
kubewarden-controller |
Kubernetes integration point | Go |
policy-server |
Run Kubewarden policies | Rust |
kwctl |
Kubewarden policy multi-purpose cli tool | Rust |
