Our great sponsors
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
The Constraint framework is a simple pattern to write and manage multiple policies in our cluster. According to it, if you want to write any policies you need to create just two types of objects. These are already defined in the cluster for you.
Think of OPA Gatekeeper as a wrapper that provides you a predefined _ pattern _ to help you setup OPA Policies. This basically means configuring OPA for Kubernetes is as simple as applying a single (large) YML file that has all the necessary components covered. Behind the scenes, it will create a Namespace, a Service which will serve the webhooks, an Ingress, and two special Custom Resource Definitions. The two special CRDs namely ConstraintTemplate and Constraint are what makes writing policies easy for you as a user.