Policy-as-Code Agent

Generate and test Kyverno policies using natural language
Preview Feature: The Policy-as-Code Agent is currently available for preview. Contact us to get early access and provide feedback. Contact Us

Policy-as-Code Agent

The Policy-as-Code AI agent is an intelligent CLI assistant that helps you create, test, and manage Kyverno policies using natural language. Instead of writing complex YAML by hand, you can describe what you want to achieve, and the AI agent will help you with:

  • Natural Language Policy Creation: Describe your policy requirements in plain English
  • Automated Test Generation: Creates test cases to validate your policies
  • Resource Generation: Creates example resources for testing
  • Git Integration: Prepares policies for submission to Git repositories
  • Interactive Mode: Have a conversation with the agent to refine policies
  • Local Development: Everything runs locally on your machine

Prerequisites

Before using the Policy-as-Code Agent, you need to be logged into Nirmata:

Get a Free Trial Account:

Login to Nirmata:

nctl login --userid YOUR_USER_ID --token YOUR_API_TOKEN

Installation

Using Homebrew:

brew tap nirmata/tap
brew install nctl@4.8-rc

💡 Tip: If you run into the following error - Error: Cannot install nirmata/tap/nctl@4.8-rc because conflicting formulae are installed.

Unlink nctl first (brew unlink nctl), and then try to install the RC version.

NOTE: For manual install, download the latest 4.8 RC from https://downloads.nirmata.io/nctl/allreleases/

Quick Start

Start Interactive Mode:

nctl ai

Direct Policy Generation:

nctl ai --prompt "create a policy that requires all pods to have resource limits"

Examples

Best Practices

  1. Start Simple

    • Begin with a basic policy description
    • Let the AI help you refine it

  2. Review Generated Content

    • Always review generated policies
    • Test policies before deployment

  3. Iterative Development

    • Use the interactive mode to refine policies
    • Ask for explanations when needed

  4. Version Control

    • Store all generated policies and tests in Git
    • Keep policies and tests together

Common Use Cases

  1. Policy Development

    • Create new policies from descriptions
    • Convert existing policies to Kyverno
    • Generate policy variations

  2. Testing

    • Create comprehensive test suites
    • Generate example resources
    • Validate policy behavior

  3. Documentation

    • Generate policy documentation
    • Create usage examples
    • Document test cases