Step into the world of Kubernetes-native policy management and governance with Kyverno. This comprehensive course is designed to equip you with the knowledge and hands-on skills to author, apply, and manage policies that secure, standardize, and automate Kubernetes environments. Through structured lectures, in-depth demos, hands-on labs, real-world scenarios, and dedicated mock exams, this course ensures you are fully prepared to clear the KCA exam and apply Kyverno effectively in production.
Understand what Kyverno is, explore its architecture and core components, install it on your cluster, and learn the structure of Kyverno policies to build a strong foundation.
Learn how to target Kubernetes resources using match, any/all, and exclude statements, apply preconditions and JMESPath expressions, and practice these filters through hands-on labs.
Master Kyverno’s validation capabilities to enforce security and configuration standards, including failure actions, patterns, deny rules, ForEach constructs, Pod Security Standards, exemptions, CEL expressions, and autogen rules.
Use JSONPatch and strategic merge patch to modify resources dynamically, implement conditional anchors, mutate existing resources, and apply ForEach mutations for bulk updates.
Automate resource creation using data sources, clone sources, clone lists, and generate existing rules while understanding synchronization behavior to maintain consistent cluster state.
Enrich policies with external data from ConfigMaps, API calls, global contexts, and container image registries to make policy enforcement dynamic and context-aware.
Implement container image signing and verification using Notary, validating both image signatures and attestations to secure the Kubernetes supply chain.
Configure and manage policy exceptions and Pod Security exemptions to allow flexibility in governance without compromising cluster security.
Automate the removal of unused or outdated resources using cleanup policies and labels to maintain a clean and compliant Kubernetes environment.
Generate PolicyReports from admission requests and background scans, understand the report schema, and interpret results to improve visibility into policy enforcement.
Master the kyverno CLI for policy management, using apply and test commands to validate, test, and deploy policies efficiently in real-world scenarios.
To help you succeed, this course includes mock exams that mirror the format, difficulty, and coverage of the actual KCA exam. These practice tests will help you evaluate your readiness, reinforce your learning, and boost your confidence.
The Kyverno Certified Associate (KCA) is a foundational certification that validates your understanding of Kyverno concepts, policy design, and operational best practices.
Earning this certification demonstrates your ability to secure and govern Kubernetes clusters using Kyverno, ensuring compliance and standardization at scale.
Empower your Kubernetes journey with policy-as-code — enroll today and become a Certified Kyverno Associate! 🚀
Mariam Fahmy is a Software Engineer at Nirmata and a maintainer of Kyverno, the Kubernetes-native policy engine. With deep expertise in policy-as-code, Mariam has contributed extensively to the growth and evolution of Kyverno, from validating and mutating rules to pioneering new CEL-based policy types. She is also an active mentor in the CNCF LFX Mentorship program, where she guides and supports new contributors in open source, helping them gain confidence and develop their skills.Beyond her technical contributions, Mariam regularly shares knowledge through talks, labs, and workshops focused on Kubernetes governance, cloud security, and policy management. She is passionate about building community, empowering others to succeed in open source, and advancing cloud-native security practices at scale.