Glossary

A namespace-wide resource. The policy processes only those requests targeting the namespace in which the AdmissionPolicy is defined.

An AdmissionPolicy which targets cluster-wide resources.

A PolicyReport and a ClusterPolicyReport store results of policy scans. Which one is used, depends on the scope of the resource.

A CLI tool to generate and test Kubernetes YAML files for policy deployment.

A Kubernetes resource created by the Kubewarden controller to let Kubernetes know where to send an AdmissionReview. In other words, this is how a Kubewarden controller informs Kubernetes where to find a resource mutating policy.

A PolicyReport and a ClusterPolicyReport store results of policy scans. Which one is used depends on the scope of the resource.

A PolicyServer validates incoming requests by executing Kubewarden policies against requests.

A Kubernetes resource created by the Kubewarden controller to let Kubernetes know where to send a AdmissionReview. In other words, this is how Kubewarden informs Kubernetes where to find a resource validating policy.

WebAssembly Procedure Calls. https://wapc.io.

WebAssembly System Interface. https://wasi.dev.

A binary instruction format for a stack-based virtual machine. Designed for web deployment. https://webassemly.org.

A runtime for WebAssembly. https://wasmtime.dev.