Policy Controller

This page describes Anthos Policy Controller, a Kubernetes dynamic admission controller that checks, audits, and enforces your clusters' compliance with policies related to security, regulations, or arbitrary business rules.


Policy Controller enforces your clusters' compliance with policies called constraints. For example:

Along with constraints, Policy Controller also introduces constraint templates. Constraint templates allow you to define how a constraint works but delegate defining the specifics of the constraint to an individual or group with subject-matter expertise. In addition to separating concerns, this also separates the logic of the constraint from its definition.

Policy Controller is integrated into Anthos Config Management v1.1 and higher. Policy Controller is built using Gatekeeper, an open source project.

What's next