#117 How Policy as Code Is Changing Kubernetes Forever Artwork

De Nederlandse Kubernetes Podcast

De Nederlandse Kubernetes Podcast: gemaakt door én voor mensen met een hart voor IT. In deze reeks gaan Ronald Kers en Jan Stomphorst in gesprek over Kubernetes met als doel Kubernetes toegankelijk te maken voor iedereen.

All Episodes

De Nederlandse Kubernetes Podcast

#117 How Policy as Code Is Changing Kubernetes Forever

November 04, 2025 • Ronald Kers en Jan Stomphorst • Season 3 • Episode 40

In this episode of De Nederlandse Kubernetes Podcast, we talk with Jim Bugwadia, founder and CEO of Nirmata, and Shuting Zhao, Staff Engineer and one of the maintainers of Kyverno — the CNCF project for Kubernetes policy management.

Jim and Shuting share how Kyverno was born from Nirmata’s commercial work and has since become one of the most widely adopted open source projects in Kubernetes governance, with over 3.4 billion image pulls.

We explore the real question: Why does Kubernetes need policies if it’s already declarative?
Jim explains how policy as code helps developers, operators, and security teams collaborate on cluster configuration at scale — from pod security to resource quotas, network policies, and automation.

Shuting dives deeper into how Kyverno enables granular control, policy exceptions, and flexible enforcement modes — from audit to enforce. They discuss how large organizations use policy automation to improve compliance, security, and even cost efficiency, citing use cases like Adidas saving 50% in dev/test environments using policy-driven resource management.

We also touch on:

🧠 The evolution of policy as code and its parallels with infrastructure as code (like Terraform)
🧩 The role of AI in simplifying policy authoring (“I don’t want to run as root — just write the policy for me”)
⚙️ Nirmata’s Control Hub, a collaboration layer for DevSecOps teams
🔒 Shift-down security, where platform teams integrate security directly into Kubernetes itself

A deep-dive episode into how Kyverno and Nirmata are shaping the future of secure, automated Kubernetes governance — blending open source, AI, and DevSecOps collaboration.

Stuur ons een bericht.

ACC ICT Specialist in IT-CONTINUÏTEIT
Bedrijfskritische applicaties én data veilig beschikbaar, onafhankelijk van derden, altijd en overal

Support the show

Like and subscribe! It helps out a lot.

You can also find us on:
De Nederlandse Kubernetes Podcast - YouTube
Nederlandse Kubernetes Podcast (@k8spodcast.nl) | TikTok
De Nederlandse Kubernetes Podcast

Where can you meet us:
Events

This Podcast is powered by:
ACC ICT - IT-Continuïteit voor Bedrijfskritische Applicaties | ACC ICT

Jan Stomphorst

Host

Ronald Kers

Host