Gatekeeper

Updated September 24, 2024

Gatekeeper is a customizable policy controller and auditor for Kubernetes. Gatekeeper accepts incoming requests to clusters and validates them in real time to make sure they comply with predefined policies.

Gatekeeper improves on the Open Policy Agent (OPA) and offers the following benefits:

Deployment instructions
  1. Configure the application:

    • Namespace: Select a namespace or create a new one.

    • Application name: Enter a name for the application.

    • Audit interval: Set the interval between audits in seconds. 0 disables audits.

    • Constraint violations limit: Set the maximum number of violations to be logged for each constraint.

    • Only matching resource types: Select this option to validate, for each constraint, only the Kubernetes resource types that are explicitly specified in that constraint. If no resource types are specified or the option is disabled, all resources will be validated.

    • Create events at audit: Select this option to create a Kubernetes event for each constraint violation detected during the audit, with detailed information about the violation.

    • Events in affected namespace: Select this option if events with violation details should be created in the namespace in which a constraint violation was logged. Only applies if the Create events at audit option is enabled.

      If the Events in affected namespace option is disabled, events will be created in the namespace in which Gatekeeper is installed.

    • Allow external data: Select this option to enable experimental support of external data sources.

  2. Click Install.

  3. Wait for the application to change its status to Deployed.

Billing type: Free
Type: Kubernetes® Application
Category: Developer tools
Publisher: Yandex Cloud
Use cases
  • Creating policies for Kubernetes cluster resources.
  • Automatically applying the set policies across a cluster.
  • Auditing cluster resources.
Technical support

Yandex Cloud technical support is available 24/7. The types of requests you can submit and the appropriate response time depend on your pricing plan. You can switch to the paid support plan in the management console. You can learn more about the technical support terms here.

Product composition

Helm chart:
  • gatekeeper, version 3.12.0

Docker images:
  • yandex-cloud/gatekeeper/manager1692970899580962032404619931866420091548227214435, version 3.12.0
  • yandex-cloud/gatekeeper/crds1692970899580962032404619931866420091548227214435, version 3.12.0
  • yandex-cloud/curl/curl1692970899580962032404619931866420091548227214435, version 7.83.1

Terms
By using this product you agree to the Yandex Cloud Marketplace Terms of Service