Kubewarden

All

96 repositories

audit-scanner
Public
Reports evaluation of existing Kubernetes resources with your already deployed Kubewarden policies.
kubernetes webassembly hacktoberfest policy-as-code kubernetes-security
Go
•
Apache License 2.0
•8•8•8•1•Updated Feb 5, 2025Feb 5, 2025
kubewarden-controller
Public
Manage admission policies in your Kubernetes cluster with ease
webassembly hacktoberfest policy-as-code kubernetes-security kubernetes
Go
•
Apache License 2.0
•33•202•72•2•Updated Feb 5, 2025Feb 5, 2025
kwctl
Public
Go-to CLI tool for Kubewarden users
webassembly hacktoberfest policy-as-code kubernetes-security kubernetes
Rust
•
Apache License 2.0
•16•76•19•2•Updated Feb 5, 2025Feb 5, 2025
policy-evaluator
Public
Crate used by Kubewarden that is able to evaluate policies with a given input, request to evaluate and settings.
hacktoberfest
Rust
•
Apache License 2.0
•8•15•22•1•Updated Feb 5, 2025Feb 5, 2025
policy-server
Public
Webhook server that evaluates WebAssembly policies to validate Kubernetes requests
rust webassembly policy hacktoberfest policy-as-code kubernetes-webhook kubernetes-security kubernetes
Rust
•
Apache License 2.0
•18•142•17•1•Updated Feb 5, 2025Feb 5, 2025
pod-privileged-policy
Public
A Kubewarden Policy that limits the ability to create privileged containers
webassembly hacktoberfest policy-as-code pod-security-policy kubernetes-security kubewarden-policy kubernetes
Rust
•
Apache License 2.0
•6•8•1•1•Updated Feb 5, 2025Feb 5, 2025
policy-fetcher
Public
Crate used by Kubewarden that is able to pull policies from OCI registries and HTTP servers.
kubernetes webassembly hacktoberfest policy-as-code kubernetes-security
Rust
•
Apache License 2.0
•8•8•6•2•Updated Feb 5, 2025Feb 5, 2025
swift-policy-template
Public template
A template repository to quickly scaffold a Kubewarden policy written with Swift language
swift kubernetes webassembly hacktoberfest policy-as-code kubernetes-security kubewarden-policy-template
Swift
•
Apache License 2.0
•1•1•3•1•Updated Feb 5, 2025Feb 5, 2025
context-aware-test-gatekeeper-policy
Public
Open Policy Agent
•
Apache License 2.0
•0•0•1•1•Updated Feb 5, 2025Feb 5, 2025
rego-policies-library
Public
A collection of Rego policies that can be used to enforce best practices in Kubernetes clusters
kubernetes webassembly compliance gatekeeper hacktoberfest policy-as-code rego kubernetes-security kubewarden-policy
Open Policy Agent
•
Apache License 2.0
•2•0•1•1•Updated Feb 5, 2025Feb 5, 2025
container-resources-policy
Public
Policy is designed to enforce constraints on the resource requirements of Kubernetes containers
kubernetes webassembly hacktoberfest policy-as-code kubernetes-security kubewarden-policy
Go
•
Apache License 2.0
•5•0•1•0•Updated Feb 5, 2025Feb 5, 2025
raw-validation-wasi-policy
Public
Demo policy showing how to write a raw WASI validating policy
kubernetes webassembly hacktoberfest policy-as-code kubernetes-security kubewarden-policy
Go
•
Apache License 2.0
•1•0•1•1•Updated Feb 5, 2025Feb 5, 2025
kyverno-dsl-policy
Public
[Experimental] Reuse Kyverno policies with Kubewarden
kubernetes webassembly policy-as-code kubernetes-security kyverno kubewarden-policy kyverno-policies
Go
•
Apache License 2.0
•1•1•3•1•Updated Feb 5, 2025Feb 5, 2025
raw-mutation-wasi-policy
Public
Demo policy showing how to write a raw WASI mutation policy
kubernetes webassembly hacktoberfest policy-as-code kubernetes-security kubewarden-policy
Go
•
Apache License 2.0
•1•0•1•1•Updated Feb 5, 2025Feb 5, 2025
go-wasi-context-aware-test-policy
Public
A test context-aware policy written using Go Wasi
kubernetes webassembly hacktoberfest policy-as-code kubernetes-security kubewarden-policy
Go
•
Apache License 2.0
•2•1•1•0•Updated Feb 5, 2025Feb 5, 2025
apparmor-psp-policy
Public
A Kubewarden Pod Security Policy that controls usage of AppArmor profiles
webassembly hacktoberfest policy-as-code pod-security-policy kubernetes-security kubewarden-policy kubernetes
Rust
•
Apache License 2.0
•4•6•3•0•Updated Feb 5, 2025Feb 5, 2025
capabilities-psp-policy
Public
A Pod Security Policy that controls Container Capabilities
webassembly hacktoberfest policy-as-code pod-security-policy kubernetes-security kubewarden-policy kubernetes
Rust
•
Apache License 2.0
•7•5•2•0•Updated Feb 5, 2025Feb 5, 2025
verify-image-signatures
Public
A Kubewarden Policy that verifies all the signatures of the container images referenced by a Pod
kubernetes webassembly hacktoberfest policy-as-code pod-security-policy kubernetes-security kubewarden-policy
Rust
•
Apache License 2.0
•9•13•2•0•Updated Feb 5, 2025Feb 5, 2025
context-aware-demo
Public
A demo policy showing how to access Kubernetes resources at policy evaluation time
webassembly hacktoberfest policy-as-code kubernetes-security kubewarden-policy kubernetes
Rust
•
Apache License 2.0
•2•1•1•0•Updated Feb 5, 2025Feb 5, 2025
echo
Public
A Kubewarden Policy that echoes Kubernetes' AdmissionReview objects
kubernetes webassembly hacktoberfest policy-as-code kubernetes-security kubewarden-policy
Rust
•
Apache License 2.0
•3•1•1•0•Updated Feb 5, 2025Feb 5, 2025
persistentvolumeclaim-storageclass-policy
Public
Policy that validates and adjusts the usage of StorageClasses in PersistentVolumeClaims
kubernetes webassembly hacktoberfest policy-as-code kubernetes-security kubewarden-policy
Rust
•
Apache License 2.0
•2•1•3•0•Updated Feb 5, 2025Feb 5, 2025
deprecated-api-versions-policy
Public
A Kubewarden Policy that detects usage of deprecated and dropped Kubernetes resources
kubernetes webassembly hacktoberfest policy-as-code kubernetes-security kubewarden-policy
Rust
•
Apache License 2.0
•4•15•1•0•Updated Feb 5, 2025Feb 5, 2025
allow-privilege-escalation-psp-policy
Public
A Kubewarden Pod Security Policy that controls usage of allowPrivilegeEscalation
webassembly hacktoberfest policy-as-code pod-security-policy kubernetes-security kubewarden-policy kubernetes
Rust
•
Apache License 2.0
•7•6•2•0•Updated Feb 5, 2025Feb 5, 2025
rancher-project-propagate-labels
Public
Propagate Rancher Project labels to the Namespaces it owns
Rust
•
Apache License 2.0
•3•3•1•0•Updated Feb 5, 2025Feb 5, 2025
readonly-root-filesystem-psp-policy
Public
A Kubewarden policy that enforces root filesystem to be readonly
kubernetes webassembly hacktoberfest policy-as-code pod-security-policy kubernetes-security kubewarden-policy
Rust
•
Apache License 2.0
•3•2•3•0•Updated Feb 5, 2025Feb 5, 2025
env-variable-secrets-scanner-policy
Public
A Kubewarden Policy that detects secrets (ssh private keys, API tokens, etc) leaked via environment variables
kubernetes webassembly hacktoberfest policy-as-code kubernetes-security kubewarden-policy
Rust
•
Apache License 2.0
•3•5•1•0•Updated Feb 5, 2025Feb 5, 2025
allowed-proc-mount-types-psp-policy
Public
Replacement for the Kubernetes Pod Security Policy that controls the usage of /proc mount types
webassembly hacktoberfest policy-as-code pod-security-policy kubernetes-security kubewarden-policy kubernetes
Rust
•
Apache License 2.0
•5•7•3•0•Updated Feb 5, 2025Feb 5, 2025
selinux-psp-policy
Public
Replacement for the Kubernetes Pod Security Policy that controls the usage of SELinux
kubernetes webassembly hacktoberfest policy-as-code pod-security-policy kubernetes-security kubewarden-policy
Rust
•
Apache License 2.0
•3•1•3•0•Updated Feb 5, 2025Feb 5, 2025
image-cve-policy
Public
Policy that validates workloads based on the vulnerability of the images they make use of
kubernetes webassembly cve hacktoberfest vulnerability-scanner sbom policy-as-code kubernetes-security kubewarden-policy
Rust
•
Apache License 2.0
•1•0•1•0•Updated Feb 5, 2025Feb 5, 2025
unique-service-selector-policy
Public
Policy validates that there are no services with the same set of selectors
kubernetes webassembly hacktoberfest policy-as-code kubernetes-security kubewarden-policy
Rust
•
Apache License 2.0
•1•0•1•0•Updated Feb 5, 2025Feb 5, 2025