Welcome & Opening Remarks | Kyverno Maintainers and Community Members welcome all event participants |
Kyverno Gets Smarter: Writing Dynamic Policies with CEL -- Koray Oksay, Kubernetes Consultat at Kubermatic | Kyverno’s YAML-first policy model is easy to adopt, but as complexity grows, traditional match and pattern rules can become flaky or overly verbose. CEL (Common Expression Language), a game-changing addition that brings dynamic, context-aware logic, now supports Kyverno policies to overcome this.
In this session, you’ll learn how CEL unlocks a new level of flexibility in Kyverno. We will explore how to write cleaner, smarter policies by embedding CEL expressions into validation conditions, preconditions, and match logic. You’ll see real-world use cases where CEL simplifies policy writing, improves performance, and enables previously impossible or challenging tasks in pure YAML.
Whether you’re writing policies for security, governance, or multi-tenant control, CEL gives you the power to go beyond boilerplate YAML and build dynamic, context-sensitive guardrails without leaving Kubernetes. |
Scaling Developer Self-Service: Kyverno Policies for Inclusive Platform Engineering -- Divya Chaudhary, Software Development Manager at Amazon | Digital transformation demands scalable platforms that serve diverse developer populations effectively. This presentation explores how Kyverno policies can create inclusive self-service experiences that parallel successful financial inclusion models—reducing barriers, enabling microservices at scale, and formalizing shadow IT practices.
We'll demonstrate how thoughtfully designed Kyverno policies dramatically reduce operational friction for developers, similar to how digital payment systems transformed financial access. Through practical examples, attendees will learn to implement policies that provide guardrails without gatekeeping, enabling teams with varying expertise levels to deploy safely. The session covers using Kyverno's mutation capabilities to automatically inject best practices, reducing the knowledge barrier for junior developers while maintaining platform standards.
Critical implementation strategies include creating proportional policies that scale requirements with risk levels, implementing multi-channel policy education through generate policies and developer portals, and leveraging Kyverno's reporting features to identify and address adoption barriers. We'll showcase real-world patterns where policy-as-code reduced deployment failures by standardizing configurations while preserving developer flexibility.
The presentation concludes with metrics-driven approaches to measure policy effectiveness in expanding platform access, ensuring your Kubernetes environment serves as a catalyst for innovation rather than a barrier to entry. |
KyvernoCon Keynote -- Jim Bugwadia, Co-founder & CEO Nirmata | TBA |
Event Break with Virtual Chat Open for Conversation & Networking | Grab some water, tea, or coffee to recharge. Chat with folks in the event chat and get ready for the rest of the event topics! |
Green Platform Engineering: Sustainable Kubernetes with Kyverno Policies -- Rajeev Samuel Devadas, Application Consultant Architect at IBM Corp's Hybrid Cloud Transformation Division | Platform engineering teams increasingly prioritize sustainability alongside developer experience. This presentation explores how Kyverno policies enable organizations to build environmentally conscious Internal Developer Platforms (IDPs) that reduce resource waste while enhancing developer productivity. We'll demonstrate how policy-as-code approaches help teams achieve their sustainability goals without sacrificing innovation or deployment velocity.
Our analysis shows that implementing resource optimization policies through Kyverno reduces cluster resource consumption by 40% while improving application performance. We'll showcase practical policies that automatically right-size workloads, enforce resource limits, and prevent overprovisioning. The session includes real examples of mutation policies that inject sustainability best practices, such as automatic horizontal pod autoscaler configurations and efficient container image selection based on size and vulnerability metrics.
We'll present a comprehensive framework for building self-service platforms where Kyverno policies guide developers toward sustainable choices. This includes integration patterns with developer portals like Backstage, where policy validations provide immediate feedback on resource efficiency. We'll demonstrate how generate policies can automatically create namespace quotas and limit ranges that balance developer freedom with environmental responsibility. Advanced examples will cover using Kyverno's background scans to identify and remediate resource waste in existing deployments.
Attendees will learn strategies for implementing graduated policy enforcement that educates developers while preventing unsustainable practices. We'll share metrics dashboards that visualize the environmental impact of policy decisions and demonstrate how platform teams can use Kyverno to report on sustainability KPIs. This session equips platform engineers with practical tools to build developer platforms that deliver exceptional experiences while contributing to organizational sustainability goals through intelligent policy automation. |
Policy-Driven Data Governance: Scaling AI Workloads with Kyverno Security Controls -- Ravali Kandur, Software Engineering Manager at Roblox | This presentation demonstrates how Kyverno's policy-as-code framework transforms data governance and security practices for AI workloads in Kubernetes environments. Through real-world implementations across healthcare, autonomous vehicles, and retail sectors, we explore how Kyverno policies enforce comprehensive data quality standards while maintaining regulatory compliance and operational efficiency.
Our analysis reveals that organizations implementing Kyverno-based governance achieve up to 23% improvement in AI model accuracy while reducing security incident response time by 41%. We examine how Kyverno's declarative policies automate data validation, access controls, and privacy enforcement across distributed AI training pipelines processing up to 1.2 petabytes daily.
These policies ensure 99.9% compliance with data handling regulations while eliminating manual security reviews.
The presentation showcases practical policy patterns for AI workloads: enforcing data encryption requirements, validating model training parameters, and automating privacy-preserving transformations. We demonstrate how Kyverno integrates with existing ML platforms to provide real-time policy enforcement without impacting training performance. Case studies highlight 45% reduction in compliance violations and 33% decrease in data breach risks through automated policy controls.
Attendees will learn to implement Kyverno policies that address critical AI governance challenges including synthetic data generation controls, federated learning security, and model versioning compliance. We conclude by exploring emerging patterns in policy-driven AI governance and demonstrate how Kyverno's extensible framework adapts to evolving security requirements while maintaining developer productivity in complex AI ecosystems. |
I Broke My Cluster with Kyverno (So You Don’t Have To) -- Vinod Kumar, Principal Cloud Engineer at Arcesium India | Working with Kyverno is powerful but with great policy comes great responsibility! In this light-hearted, fast-paced talk, I will share how I accidentally broke my Kubernetes cluster (more than once!) using Kyverno policies that were too strict, too recursive, or just misunderstood.
This talk will walk through:
(1) The top 3 mistakes I made (e.g., blocking all workloads, infinite policy loops, and bad patching)
(2) How to debug and recover from Kyverno policy mishaps
(3) Pro tips to write safe, testable, and non-destructive policies
Whether you are just starting out or already using Kyverno in production, you will walk away with laughs, learnings, and policy patterns that won’t bring your cluster to its knees. |
Scaling Healthcare Compliance: Policy as code Revolution in Medical K8s -- Soham Chakraborti, Software Developer II at Amazon.com | The convergence of policy-as-code and healthcare infrastructure has created unprecedented opportunities for automating compliance and security in medical Kubernetes environments. This presentation provides comprehensive insights into implementing Kyverno for healthcare workloads, drawing from real-world deployments in HIPAA-regulated environments.
Healthcare organizations implementing Kyverno have achieved remarkable outcomes including automated compliance validation, reduced security audit times by 75%, and eliminated manual policy enforcement errors. Our Kyverno-powered admission controls demonstrate 99.9% accuracy in preventing non-compliant medical data workloads while maintaining developer velocity through clear policy feedback mechanisms.
The session explores critical implementation patterns, including mutation policies that automatically inject security controls for PHI processing pods, validation rules ensuring encrypted data volumes for medical imaging workloads, and generate policies creating compliant network policies for healthcare microservices. We'll examine how ClusterPolicies enforce organization-wide HIPAA requirements while namespace-specific policies enable team autonomy.
Practical examples include policy testing workflows that catch compliance violations before deployment, integration with CI/CD pipelines for shift-left security, and external data source configurations connecting Kyverno to compliance databases. Attendees will learn to leverage Kyverno's reporting capabilities for audit trails and implement policy exceptions for emergency medical scenarios.
This hands-on session provides actionable strategies for healthcare platform teams to build compliant-by-default Kubernetes environments, automate security controls without impeding innovation, and create self-service platforms that empower medical application developers while maintaining strict regulatory adherence. |
Thank You & Closing Remarks | Kyverno Maintainers and Community Members give thanks to event organizing committee and share details about the Kyverno Project and contribution opportunities in closing |