Standard
DevOps
Certification
Golden Kubestronaut

Prep Course - Kyverno Certified Associate (KCA) Certification

Prep Course - Kyverno Certified Associate (KCA) Certification
Level: Beginner

Step into Kubernetes-native policy management! Our Kyverno Certified Associate (KCA) Course equips you to secure, standardize, and automate clusters. Hands-on labs, real-world demos, and mock exams to prepare you for KCA success. Enroll today!

Course Duration: 11.22 Hours
Mariam Fahmy

Mariam Fahmy

Software Engineer & Kyverno Maintainer

Welcome to the Kyverno Certified Associate (KCA) Certification Course!
Step into the world of Kubernetes-native policy management and governance with Kyverno. This comprehensive course is designed to equip you with the knowledge and hands-on skills to author, apply, and manage policies that secure, standardize, and automate Kubernetes environments. Through structured lectures, in-depth demos, hands-on labs, real-world scenarios, and dedicated mock exams, this course ensures you are fully prepared to clear the KCA exam and apply Kyverno effectively in production.

Course Modules

Kyverno Introduction

Understand what Kyverno is, explore its architecture and core components, install it on your cluster, and learn the structure of Kyverno policies to build a strong foundation.

Resource Filters

Learn how to target Kubernetes resources using match, any/all, and exclude statements, apply preconditions and JMESPath expressions, and practice these filters through hands-on labs.

Validate Rules

Master Kyverno’s validation capabilities to enforce security and configuration standards, including failure actions, patterns, deny rules, ForEach constructs, Pod Security Standards, exemptions, CEL expressions, and autogen rules.

Mutate Rules

Use JSONPatch and strategic merge patch to modify resources dynamically, implement conditional anchors, mutate existing resources, and apply ForEach mutations for bulk updates.

Generate Rules

Automate resource creation using data sources, clone sources, clone lists, and generate existing rules while understanding synchronization behavior to maintain consistent cluster state.

External Data Sources

Enrich policies with external data from ConfigMaps, API calls, global contexts, and container image registries to make policy enforcement dynamic and context-aware.

ImageVerify Rules

Implement container image signing and verification using Notary, validating both image signatures and attestations to secure the Kubernetes supply chain.

Policy Exceptions

Configure and manage policy exceptions and Pod Security exemptions to allow flexibility in governance without compromising cluster security.

Cleanup Policies

Automate the removal of unused or outdated resources using cleanup policies and labels to maintain a clean and compliant Kubernetes environment.

Reporting

Generate PolicyReports from admission requests and background scans, understand the report schema, and interpret results to improve visibility into policy enforcement.

Kyverno CLI

Master the kyverno CLI for policy management, using apply and test commands to validate, test, and deploy policies efficiently in real-world scenarios.

Hands-On Labs and Real-World Projects

  • Deploy and manage Kyverno on real Kubernetes clusters.

  • Implement real-world policies to enforce best practices, secure workloads, and automate resource management.

Mock Exams and Exam Readiness

To help you succeed, this course includes mock exams that mirror the format, difficulty, and coverage of the actual KCA exam. These practice tests will help you evaluate your readiness, reinforce your learning, and boost your confidence.

About This Certification

The Kyverno Certified Associate (KCA) is a foundational certification that validates your understanding of Kyverno concepts, policy design, and operational best practices.
Earning this certification demonstrates your ability to secure and govern Kubernetes clusters using Kyverno, ensuring compliance and standardization at scale.

Who Should Enroll

  • Kubernetes administrators and platform engineers.

  • DevOps and security engineers focused on policy enforcement and cluster governance.

  • Cloud-native practitioners aiming to specialize in policy-as-code.

  • Anyone preparing for the Kyverno Certified Associate (KCA) exam.

Prerequisites

  • Foundational knowledge of Kubernetes concepts and objects.

  • Basic understanding of YAML, container security, and cloud-native principles.

Empower your Kubernetes journey with policy-as-code enroll today and become a Certified Kyverno Associate! 🚀

Our students work at..

Vmware logo
Microsoft logo
Google logo
Dell logo
Apple logo
Pivotal logo
Amazon logo

About the instructor

  • Mariam Fahmy

    Mariam Fahmy

    Software Engineer & Kyverno Maintainer

    Mariam Fahmy is a Software Engineer at Nirmata and a maintainer of Kyverno, the Kubernetes-native policy engine. With deep expertise in policy-as-code, Mariam has contributed extensively to the growth and evolution of Kyverno, from validating and mutating rules to pioneering new CEL-based policy types. She is also an active mentor in the CNCF LFX Mentorship program, where she guides and supports new contributors in open source, helping them gain confidence and develop their skills. Beyond her technical contributions, Mariam regularly shares knowledge through talks, labs, and workshops focused on Kubernetes governance, cloud security, and policy management. She is passionate about building community, empowering others to succeed in open source, and advancing cloud-native security practices at scale.