Resource Definitions

Custom Resource Definitions (CRDs) for Kyverno policies and other types.

Kyverno uses Kubernetes Custom Resource Definitions (CRDs) for policy definitions, policy reports, and other internal types.

The complete Kyverno CRD reference can be viewed using this link:

kyverno.io/v1.ClusterPolicy

The HTML source is available in the Kyverno GitHub repository and is generated from type definitions stored at kyverno/kyverno/pkg/api.

kubectl explain

When operating in a Kubernetes cluster with Kyverno installed, you can always inspect Kyverno types natively using kubectl explain.

For example, here is the definition of a Kyverno policy.spec:

kubectl explain policy.spec
KIND:     Policy
VERSION:  kyverno.io/v1

RESOURCE: spec <Object>

DESCRIPTION:
     Spec defines policy behaviors and contains one or more rules.

FIELDS:
   background   <boolean>
     Background controls if rules are applied to existing resources during a
     background scan. Optional. Default value is "true". The value must be set
     to "false" if the policy rule uses variables that are only available in the
     admission review request (e.g. user name).

   failurePolicy        <string>
     FailurePolicy defines how unrecognized errors from the admission endpoint
     are handled. Rules within the same policy share the same failure behavior.
     Allowed values are Ignore or Fail. Defaults to Fail.

   rules        <[]Object>
     Rules is a list of Rule instances. A Policy contains multiple rules and
     each rule can validate, mutate, or generate resources.

   schemaValidation     <boolean>
     SchemaValidation skips policy validation checks. Optional. The default
     value is set to "true", it must be set to "false" to disable the validation
     checks.

   validationFailureAction      <string>
     ValidationFailureAction controls if a validation policy rule failure should
     disallow the admission review request (enforce), or allow (audit) the
     admission review request and report an error in a policy report. Optional.
     The default value is "audit".

   webhookTimeoutSeconds        <integer>
     WebhookTimeoutSeconds specifies the webhook timeout for this policy. After
     the timeout passes, the admission request will fail based on the failure
     policy. The default timeout is 10s, the value must be between 1 and 30
     seconds.
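The defaults and limits in the output above decide whether a policy actually blocks anything. The following is an added example, not part of the Kyverno documentation or code base: it resolves the effective settings of a `policy.spec` and flags the non-blocking or out-of-range ones. The function name `review_spec`, the `request.userInfo` marker used to spot admission-only variables, and the sample policy are assumptions constructed for illustration.

```python
import json

# Defaults as stated in the `kubectl explain policy.spec` output above.
DEFAULTS = {
    "background": True,
    "failurePolicy": "Fail",
    "schemaValidation": True,
    "validationFailureAction": "audit",
    "webhookTimeoutSeconds": 10,
}
# Assumption: admission-only variables appear as "request.userInfo" in rule text.
REQUEST_ONLY_MARKER = "request.userInfo"


def review_spec(spec):
    """Return (effective settings, findings) for one policy.spec dict."""
    eff = {**DEFAULTS, **{k: v for k, v in spec.items() if k in DEFAULTS}}
    findings = []
    if eff["failurePolicy"] not in ("Ignore", "Fail"):
        findings.append("failurePolicy must be Ignore or Fail")
    elif eff["failurePolicy"] == "Ignore":
        findings.append("failurePolicy=Ignore: admission errors and timeouts fail open")
    if str(eff["validationFailureAction"]).lower() == "audit":
        findings.append("validationFailureAction=audit: violations are reported, not blocked")
    t = eff["webhookTimeoutSeconds"]
    if not isinstance(t, int) or isinstance(t, bool) or not 1 <= t <= 30:
        findings.append("webhookTimeoutSeconds must be between 1 and 30")
    if eff["background"] and REQUEST_ONLY_MARKER in json.dumps(spec.get("rules", [])):
        findings.append("background must be false: a rule uses admission-request variables")
    if eff["schemaValidation"] is False:
        findings.append("schemaValidation=false: policy validation checks are disabled")
    return eff, findings


# Constructed sample: the .spec portion of a policy, as JSON.
SAMPLE = json.loads("""
{
  "failurePolicy": "Ignore",
  "webhookTimeoutSeconds": 45,
  "rules": [{"name": "check-owner",
             "validate": {"message": "owner must be {{request.userInfo.username}}"}}]
}
""")

if __name__ == "__main__":
    effective, findings = review_spec(SAMPLE)
    print(effective)
    for finding in findings:
        print("-", finding)
```

The sample omits `validationFailureAction` and `background`, so the documented defaults apply and the policy is reported as audit-only with an invalid background setting.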

Kyverno’s support for structural schemas also enables integrated help in Kubernetes-enabled Integrated Development Environments (IDEs) such as VS Code with the Kubernetes Extension installed.


Last modified October 05, 2021 at 11:06 PM PST: update docs for dynamic webhooks (b35e879)