Skip to main content
So far we’ve written policies to enforce rules, mutate resources, and perform cleanup. A critical question remains: how do we get a clear, consolidated view of the cluster’s compliance status? To understand your security posture you need a reporting system that converts raw policy evaluations into structured, queryable results. In this lesson we’ll explore Kyverno’s reporting capabilities and how they solve Alex’s visibility problem. Common obstacles Alex faces:
  • Log overload: every audit violation becomes a log entry, but logs are raw and hard to query.
  • Blind spots: Audit policies only evaluate new or updated resources, leaving existing resources unassessed.
  • No formal reporting: security teams require compliance reports, but Alex lacks a way to generate them.
The image outlines "Alex's New Challenge" with three problems: Log Overload, Pre-Existing Resources, and Compliance Reporting, each with a brief description.
Alex needs to move from reactive log-checking to proactive compliance reporting. He asks: how do I get a consolidated view of my cluster’s compliance status that includes both new and pre-existing resources? Kyverno’s reporting system is designed to answer exactly that. What we’ll cover
  • Core concepts: PolicyReport and ClusterPolicyReport as Kubernetes custom resources.
  • Real-time reporting: how Audit-mode policies generate structured report entries.
  • Background scans: how to evaluate existing resources and close the visibility gap so you can produce formal compliance reports.
PolicyReport and ClusterPolicyReport are standard Kubernetes custom resources. That means they can be queried with kubectl, watched by controllers, and exported to external systems via existing Kubernetes integrations.
Why PolicyReport and ClusterPolicyReport matter
  • Structured data: reports convert noisy audit logs into typed, queryable objects.
  • Integrations: because they’re Kubernetes resources, you can use existing exporters, controllers, and tooling to collect and persist them.
  • Visibility: reports capture evaluation results so you can answer questions like “How many pods are violating the image tag policy right now?”
Quick commands (querying reports)
Report types at a glance How reporting solves Alex’s problems
  • Logs → Reports: Audit-mode policies continue to allow developer workflows while emitting structured report entries that are easy to query and aggregate.
  • Existing resources: Background scans evaluate the current state of resources and populate reports for pre-existing workloads, closing the visibility gap.
  • Compliance artifacts: With reports stored as Kubernetes resources, you can generate formal compliance exports, drive dashboards, and automate notifications.
The image shows a challenge faced by Alex, who is seeking a consolidated view of a cluster's compliance state. There's a graphic of Alex with a speech bubble quoting the dilemma.
Next steps in this lesson
  1. Deep dive into the PolicyReport/ClusterPolicyReport schema and examples.
  2. Demonstrate how Audit policies create report entries in real time.
  3. Configure and run background scans to populate reports for all existing resources.
  4. Export and aggregate reports for compliance dashboards and stakeholder reporting.
References and further reading

Watch Video