Gatekeeper is a validating and mutating webhook that enforces CRD-based policies executed by Open Policy Agent, a policy engine for Cloud Native environments.
Gatekeeperis a Kubernetes-native admission controller that extends the capabilities of OPA to Kubernetes clusters. By combining OPA’s policy engine with Kubernetes’ admission control mechanism, Gatekeeper enforces policies on Kubernetes resources during creation and update operations.
Open Policy Agent (OPA) was accepted to CNCF on March 29, 2018, moved to the Incubating maturity level on April 2, 2019, and then moved to the Graduated maturity level on January 29, 2021.
