Nirmata Control Hub
Nirmata Control Hub (NCH) for Kubernetes provides enterprise grade reporting and policy lifecycle management across Kubernetes clusters. It is built on Kyverno, a CNCF project created by Nirmata.
Kyverno is a Kubernetes native policy engine that allows defining and managing policies as native Kubernetes resources, without requiring a new language or complex tooling. Kyverno policies can be used for pod security, workload configuration security, automating default configurations, image verification, and a number of other use cases. Every aspect of DevSecOps can be influenced through the use of Policy as Code (PaC) solutions, from version and access controls down to automated testing and deployment. Kyverno ensures workload security, enables self-service security and eliminates configuration errors.
Kyverno allows familiar tools such as kubectl, git, and kustomize to manage policies. Kyverno policies can validate, mutate, and generate Kubernetes resources. More information about Kyverno is available here.
Nirmata Control Hub Benefits
- Operational Compliance - Curated policysets for pod security, workload security, multitenancy and microsegmentation, supply chain security best practices, and much more. The Kubernetes ecosystem is fast moving, and NCH provides peace of mind to DevSecOps teams for operational security and best practices.
- Automated Kyverno and Policy Management across clusters and namespaces.
- Policy Reports - Policy Violations Reports at pipelines, clusters, and cloud level.
- Sharing Reports - Ability to share the compliance reports with your team.
- Collaborative Workflows - Seamlessly integrate with policy exceptions and provide remediation suggestions.
Nirmata integrates with GitOps tools for policy management across clusters and provides for centralized policy management in Enterprise Kubernetes environment.
Policy Exceptions Management
Contain steps to raise policy exceptions
Workflows
Contains the different workflows of nctl and npm