SUSE Security Admission Controller

SUSE's Cloud Native product family introduces additional value with greater security assurances, extended lifecycles, access to focused architectures and Kubernetes advisories. It will also offer options to get production support for innovative Cloud Native projects. With SUSE's Cloud Native, installation assets are hosted on a trusted registry owned and managed by SUSE.

SUSE Security Admission Controller is a Kubernetes Policy Engine aiming to be the Universal Policy Engine for Kubernetes. It supports reusing policies from other policy engines without having to rewrite them. You can write your own policies in any programming language that generates WebAssembly binaries, reusing your language tooling and libraries. Policies may run both outside the cluster and as part of your CI/CD processes. SUSE Security Admission Controller also provides an audit scanner to actively and continuously check policy enforcement over time.

SUSE Security Admission Controller

SUSE Security Admission Controller is a Kubernetes policy engine enabling flexible policy enforcement using portable Wasm.

Quick Start

How to install and configure the controller in Kubernetes using Helm charts.

Tutorial - writing policies

Getting started with writing Admission Controller policies.

Tutorial - testing policies

Testing Admission Controller policies.

Tutorial - verifying Admission Controller

How Admission Controller uses signed provenance, SBOMs, and artifacts to check supply chain security.

Explanation - mutating policies

Mutating policies in Admission Controller can modify incoming Kubernetes objects before they are admitted.

Explanation - distributing policies

Distributing Admission Controller policies as annotated WebAssembly binaries.

Explanation - Audit Scanner

The Admission Controller audit scanner continuously checks cluster deployed policies for compliance.

Explanation - SUSE Security Admission Controller architecture

An insight into the Admission Controller technical architecture.

Comparing SUSE Security Admission Controller and OPA Gatekeeper

Admission Controller and OPA Gatekeeper are both CNCF policy engines for Kubernetes. A comparison.

Howtos - common tasks

A review of common tasks when operating Admission Controller.
