| Welcome & Opening Remarks | Kyverno Maintainers and Community Members welcome all event participants |
| Kyverno Gets Smarter: Writing Dynamic Policies with CEL -- Koray Oksay, Kubernetes Consultat at Kubermatic | Kyverno’s YAML-first policy model is easy to adopt, but as complexity grows, traditional match and pattern rules can become flaky or overly verbose. CEL (Common Expression Language), a game-changing addition that brings dynamic, context-aware logic, now supports Kyverno policies to overcome this.
In this session, you’ll learn how CEL unlocks a new level of flexibility in Kyverno. We will explore how to write cleaner, smarter policies by embedding CEL expressions into validation conditions, preconditions, and match logic. You’ll see real-world use cases where CEL simplifies policy writing, improves performance, and enables previously impossible or challenging tasks in pure YAML.
Whether you’re writing policies for security, governance, or multi-tenant control, CEL gives you the power to go beyond boilerplate YAML and build dynamic, context-sensitive guardrails without leaving Kubernetes. |
| Scaling Developer Self-Service: Kyverno Policies for Inclusive Platform Engineering -- Divya Chaudhary, Software Development Manager at Amazon | Digital transformation demands scalable platforms that serve diverse developer populations effectively. This presentation explores how Kyverno policies can create inclusive self-service experiences that parallel successful financial inclusion models—reducing barriers, enabling microservices at scale, and formalizing shadow IT practices.
We'll demonstrate how thoughtfully designed Kyverno policies dramatically reduce operational friction for developers, similar to how digital payment systems transformed financial access. Through practical examples, attendees will learn to implement policies that provide guardrails without gatekeeping, enabling teams with varying expertise levels to deploy safely. The session covers using Kyverno's mutation capabilities to automatically inject best practices, reducing the knowledge barrier for junior developers while maintaining platform standards.
Critical implementation strategies include creating proportional policies that scale requirements with risk levels, implementing multi-channel policy education through generate policies and developer portals, and leveraging Kyverno's reporting features to identify and address adoption barriers. We'll showcase real-world patterns where policy-as-code reduced deployment failures by standardizing configurations while preserving developer flexibility.
The presentation concludes with metrics-driven approaches to measure policy effectiveness in expanding platform access, ensuring your Kubernetes environment serves as a catalyst for innovation rather than a barrier to entry. |
| Event Break with Virtual Chat Open for Conversation & Networking | Grab some water, tea, or coffee to recharge. Chat with folks in the event chat and get ready for the rest of the event topics! |
| Green Platform Engineering: Sustainable Kubernetes with Kyverno Policies -- Rajeev Samuel Devadas, Application Consultant Architect at IBM Corp's Hybrid Cloud Transformation Division | Platform engineering teams increasingly prioritize sustainability alongside developer experience. This presentation explores how Kyverno policies enable organizations to build environmentally conscious Internal Developer Platforms (IDPs) that reduce resource waste while enhancing developer productivity. We'll demonstrate how policy-as-code approaches help teams achieve their sustainability goals without sacrificing innovation or deployment velocity.
Our analysis shows that implementing resource optimization policies through Kyverno reduces cluster resource consumption by 40% while improving application performance. We'll showcase practical policies that automatically right-size workloads, enforce resource limits, and prevent overprovisioning. The session includes real examples of mutation policies that inject sustainability best practices, such as automatic horizontal pod autoscaler configurations and efficient container image selection based on size and vulnerability metrics.
We'll present a comprehensive framework for building self-service platforms where Kyverno policies guide developers toward sustainable choices. This includes integration patterns with developer portals like Backstage, where policy validations provide immediate feedback on resource efficiency. We'll demonstrate how generate policies can automatically create namespace quotas and limit ranges that balance developer freedom with environmental responsibility. Advanced examples will cover using Kyverno's background scans to identify and remediate resource waste in existing deployments.
Attendees will learn strategies for implementing graduated policy enforcement that educates developers while preventing unsustainable practices. We'll share metrics dashboards that visualize the environmental impact of policy decisions and demonstrate how platform teams can use Kyverno to report on sustainability KPIs. This session equips platform engineers with practical tools to build developer platforms that deliver exceptional experiences while contributing to organizational sustainability goals through intelligent policy automation. |
| How Kyverno has Changed Platform Engineering Security -- Pedro Ignacio, Senior Platform Engineer, Itaú Unibanco | In this session we're going to explore how Kyverno, applied in the context of Kubernetes clusters has changed the way we implement guardrails and controls into our platforms.
We'll explore the most important issues Kyverno addresses within the platform engineering landscape as well as see real-world examples of how the solution is being used to protect environments and to guarantee security best practices bettering the overall Developer experience while delivering more secure applications faster. |
| I Broke My Cluster with Kyverno (So You Don’t Have To) -- Vinod Kumar, Principal Cloud Engineer at Arcesium India | Working with Kyverno is powerful but with great policy comes great responsibility! In this light-hearted, fast-paced talk, I will share how I accidentally broke my Kubernetes cluster (more than once!) using Kyverno policies that were too strict, too recursive, or just misunderstood.
This talk will walk through:
(1) The top 3 mistakes I made (e.g., blocking all workloads, infinite policy loops, and bad patching)
(2) How to debug and recover from Kyverno policy mishaps
(3) Pro tips to write safe, testable, and non-destructive policies
Whether you are just starting out or already using Kyverno in production, you will walk away with laughs, learnings, and policy patterns that won’t bring your cluster to its knees. |
| Orchestrating Policy-Driven Tests with Kyverno, Argo Events, and Testkube -- Sonali Srivastava, Technology Evangelist at Improving | As Kubernetes adoption grows, each deployment introduces potential security, compliance, and operational risks that manual governance cannot scale to address. DevOps teams deploy code multiple times a day, while security and compliance teams demand thorough reviews. The result is often a trade-off: either slowing innovation or weakening security posture. Over time, configurations drift from intended standards, while frameworks like SOC 2, PCI DSS, and GDPR demand continuous proof of compliance.
Policy-as-Code helps close this gap by codifying rules such as resource limits and compliance checks directly in Kubernetes. In this talk, we'll show how policies can do more than enforce guardrails; they can trigger automated tests. Using Kyverno for policy enforcement, Argo Events for event capture, and Testkube for test orchestration, we'll demonstrate how violations can automatically run smoke or regression tests, providing actionable feedback instead of simply blocking deployments. |
| Thank You & Closing Remarks | Kyverno Maintainers and Community Members give thanks to event organizing committee and share details about the Kyverno Project and contribution opportunities in closing |
