You're viewing documentation for Anthos Config Management 1.3. This version has reached end of life and is no longer supported. View the latest documentation.

Policy Controller overview

Anthos Config Management's Policy Controller is a Kubernetes dynamic admission controller that checks, audits, and enforces your clusters' compliance with policies related to security, regulations, or arbitrary business rules.


Policy Controller enforces your clusters' compliance with policies called constraints. For example, you can create the following constraints:

To learn more, see Creating constraints.

Along with constraints, Policy Controller also introduces constraint templates. Constraint templates let you define how a constraint works but delegate defining the specifics of the constraint to an individual or group with subject-matter expertise. In addition to separating concerns, constraint templates also separate the logic of the constraint from its definition.

Policy Controller is integrated into Anthos Config Management v1.1 and higher. Policy Controller is built from the Gatekeeper open source project.

What's next