Skip to content

open-policy-agent/gatekeeper

Gatekeeper

Static Badge

How is Gatekeeper different from OPA?

Compared to using OPA with its sidecar kube-mgmt (aka Gatekeeper v1.0), Gatekeeper introduces the following functionality:

  • An extensible, parameterized policy library
  • Native Kubernetes CRDs for instantiating the policy library (aka "constraints")
  • Native Kubernetes CRDs for extending the policy library (aka "constraint templates")
  • Native Kubernetes CRDs for mutation support
  • Audit functionality
  • External data support

Getting started

Check out the installation instructions to deploy Gatekeeper components to your Kubernetes cluster.

Documentation

Please see the Gatekeeper website for more in-depth information.

Policy Library

See the Gatekeeper policy library for a collection of constraint templates and sample constraints that you can use with Gatekeeper.

Community & Contributing

Please refer to Gatekeeper's contribution guide to find out how you can help.

Code of conduct

This project is governed by the CNCF Code of conduct.

Security

For details on how to report vulnerabilities and security release process, please refer to Gatekeeper Security for more information.