Policy Management Questions

A PolicyReport entry shows a result of `warn`. What does this indicate?

A PolicyException resource is created but it is not being applied to matching resources. After checking the policy, a team discovers that `features.po...

Which Prometheus metric tracks the total number of policy rule evaluation results (pass, fail, warn, error, skip) in Kyverno?

What is the default port on which Kyverno exposes its Prometheus metrics?

A PolicyException is matched against a resource during background scanning. What result will appear in the PolicyReport for that resource-rule combina...

A PolicyReport entry shows `skip`. What does that result mean?

A team wants one policy to stop generating any reports at all, including ephemeral and permanent reports. What should it add to that policy?

A large cluster wants to store only failing results in reports to reduce report volume and ETCD pressure. Which flag supports that tuning?

A platform team wants Kyverno to publish permanent reports in the `openreports.io` API group instead of the default report group. Which configuration ...

By default, how often does Kyverno perform background scanning for reporting existing-resource policy results?

Which Kyverno metric exposes the running Kyverno version through labels on a constant gauge?

Which Kyverno Prometheus metric counts policy rule execution results such as pass and fail?

Which statement correctly describes PolicyReport scope in Kyverno?

A platform team asks why an Enforce-mode policy that blocked a bad admission request does not show a historical fail entry for that blocked object in ...

What must be enabled if Kyverno should generate reports for Kubernetes ValidatingAdmissionPolicies and their bindings?