Before I dive into the OPA vs. Kyverno comparison, we first need to understand Policy as Code?

What is Policy as Code?

As per definition: Policy as Code is the process of managing and provisioning policy enforcement tooling through machine-readable definition files, rather than best practice documentation or interactive configuration…

Reference: https://kubesec.io/

Kubesec is an open-source Kubernetes security scanner and analysis tool. The way it works, it accepts a single Kubernetes manifests file and provides a severity score for each found vulnerability.

There is a common phrase in the DevSecOps world-shifting security to the left, which means catching any security at the…

As per the official github link kubewatch is a Kubernetes watcher that publishes notifications to Slack/hipchat/mattermost/flock channels. It watches the cluster for resource changes and notifies them through webhooks.

Basically kubewatch looks for events like pod/deployment/confimap creation/deletion and sends notification to selected channels like

  • slack
  • hipchat
  • mattermost
  • flock
  • webhook
  • smtp

Installation

Prashant Lakhera

AWS Community Builder, Ex-Redhat, Author, Blogger, YouTuber, RHCA, RHCDS, RHCE, Docker Certified,4XAWS, CCNA, MCP, Certified Jenkins, Terraform Certified, 1XGCP

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store