AI Copilot

AI-powered assistant for Kubernetes policies, security, governance, and Policy as Code

Overview

AI Copilot is an intelligent assistant specialized in Kubernetes policies, security, governance, and Policy as Code with access to live data from your Nirmata environment. The Copilot combines deep technical knowledge with real-time insights to provide actionable guidance for security, compliance, and policy management.

Key Capabilities

Kubernetes & Container Security

Policy Creation & Management: Write, validate, and optimize Kyverno policies
Security Posture Analysis: Assess and improve cluster security configurations
Resource Management: Analyze deployments, pods, services, and other K8s resources
YAML/JSON Configuration: Generate and troubleshoot configuration files
Container Security: Best practices for images, runtime security, and hardening

Policy as Code Expertise

Kyverno Policies: Validation, mutation, and generation patterns
Compliance Frameworks: CIS benchmarks, PCI DSS, SOC 2, NIST
GitOps Integration: Policy deployment and management workflows
Multi-cluster Management: Cross-cluster policy consistency and governance

Live Environment Analysis

Real-time Violation Detection: Identify and prioritize security issues
Audit Trail Analysis: Track policy changes and remediation progress
Resource Discovery: Find and analyze specific resources across clusters
Trend Analysis: Historical security posture improvements

Problem-Solving Approach

The AI Copilot follows an autonomous analysis approach:

Proactive Investigation

Uses available tools to gather context without requiring explicit requests
Considers multiple approaches (3-5 different solutions) before making recommendations
Performs root cause analysis for policy violations and configuration issues

Practical Guidance

Provides step-by-step remediation instructions
Includes ready-to-use YAML, JSON, and Dockerfile code examples
Recommends industry-standard security and compliance best practices
Prioritizes high-impact, low-effort improvements

Specialized Knowledge Areas

Security & Compliance

Runtime security and admission control
Network policies and micro-segmentation
Identity and access management (RBAC, service accounts)

DevOps & GitOps

CI/CD pipeline security integration
Infrastructure as Code (IaC) scanning
Policy automation and deployment
Monitoring and alerting strategies

Troubleshooting & Optimization

Policy conflict resolution
Performance impact analysis
Resource optimization recommendations
Incident response and remediation

Using Copilot - Available Tools

AI Copilot has access to 8 specialized tools that interact with your Nirmata environment and provide real-time insights:

Security & Policy Analysis Tools

getPolicyResultsSummary

Get live security posture across your environment.

Returns: Current violations grouped by policy and rule
Filters: Can focus on specific namespaces, source IDs, or source types (k8s/git-repository)
Use Cases:
- “Show me all current security violations”
- “What’s the security state of my production namespace?”
- “Which policies are failing most frequently?”

getViolationAuditLog

Historical view of security posture changes.

Returns: Aggregated changes over time (remediated, new violations, etc.)
Time Range: Configurable (hours to days in ISO-8601 format like PT24H or P5D)
Filters: Can focus on specific policies, sources, or source types
Use Cases:
- “What security improvements were made this week?”
- “Track remediation progress over the last month”
- “Show violation trends for specific policies”

Infrastructure Discovery Tools

listClusters

Inventory of all managed Kubernetes clusters.

Features: Pagination support, name filtering (partial match)
Returns: Cluster names, IDs, and metadata
Use Cases:
- “Show me all clusters in the environment”
- “Find clusters with names containing ‘prod’”

listNamespaces

List namespaces within a specific cluster.

Features: Pagination, requires cluster name/ID
Returns: Namespace inventory for targeted cluster analysis
Use Cases:
- “What namespaces exist in my production cluster?”
- “Show me namespace organization across clusters”

listPolicies

Catalog of all deployed policies.

Features: Filter by cluster IDs, pagination support
Returns: Policy names, categories, annotations, and metadata
Use Cases:
- “What policies are deployed across my environment?”
- “Show me security policies for specific clusters”

listRepositories

Inventory of linked code and image repositories.

Features: Pagination support for large repository lists
Returns: Repository information tied to policy scans
Use Cases:
- “What repositories are being scanned for policy violations?”
- “Show me all connected Git repositories”

Resource Search & Analysis Tools

searchResource

Find and analyze specific Kubernetes resources.

Search Criteria: Resource name (partial match), resource type, scope
Scope Options:
- Repository + Branch
- Cluster + Namespace
- Cloud + Account + Service + Region
Resource Types: Pods, Deployments, Services, ConfigMaps, etc.
Use Cases:
- “Find all nginx deployments in production”
- “Locate ConfigMaps with sensitive data”
- “Search for specific resources causing violations”

get_current_page_context

Understand what you’re currently viewing in the UI.

Returns: Scraped browser context (can be verbose)
Best Used: When context about your current dashboard view is needed
Use Cases:
- “Analyze the violations shown on my current page”
- “Help with what I’m currently looking at”
- “Provide context-specific recommendations”

Common Tool Combinations

Complete Security Assessment

listClusters → Get environment overview
getPolicyResultsSummary → Current violation state
getViolationAuditLog → Historical trends
searchResource → Investigate specific issues

Policy Troubleshooting

listPolicies → Find relevant policies
getPolicyResultsSummary → See current failures
searchResource → Locate affected resources
get_current_page_context → Understand your current view

Remediation Tracking

getViolationAuditLog → Baseline violations
getPolicyResultsSummary → Current state
Comparison analysis for progress measurement

Autonomous Tool Usage

AI Copilot uses these tools proactively when you ask questions:

Automatically determines which tools provide the needed information
Calls multiple tools in sequence to build complete context
Analyzes data across tools to provide comprehensive answers
Does not require permission before using tools (unless missing required parameters)

Key Advantages:

Real-time Data: All tools provide live environment data
Cross-correlation: Combines data from multiple tools for deeper insights
Contextual Intelligence: Tools work together to understand your specific situation
Actionable Results: Data is immediately usable for decision-making

Conversations

Starting a New Conversation

To start a new conversation with AI Copilot:

Navigate to the AI Copilot section in Nirmata Control Hub
Click the New Chat button or icon
Type your question or request in the input field
Press Enter or click Send

AI Copilot Main Interface

The Copilot will analyze your request and use its available tools to gather relevant information from your environment before providing a comprehensive response.

Example Questions:

“Show me all current security violations in my production cluster”
“What policies are failing most frequently?”
“Help me write a Kyverno policy to restrict privileged containers”
“Track remediation progress over the last week”
“What are the easiest fixes I can make right now?”

Conversation History

AI Copilot maintains a history of your conversations for easy reference:

Access History: Click on the conversation history icon or sidebar to view past conversations
Resume Conversations: Click on any previous conversation to continue where you left off
Search Conversations: Use the search functionality to find specific topics or questions
Context Preservation: Each conversation maintains its context, allowing for follow-up questions

AI Copilot Conversation History

Conversation history helps you:

Track your security improvement journey
Reference previous recommendations and solutions
Build on earlier discussions without repeating context
Share insights with team members

Delete Conversation

To delete a conversation:

Navigate to your conversation history
Find the conversation you want to delete
Click the delete icon (typically a trash can or X icon) next to the conversation
Confirm the deletion when prompted

Note: Deleted conversations cannot be recovered. Consider exporting important information before deleting.

Best Practices

Ask Specific Questions

Instead of “Are there any issues?”, ask “What security violations exist in my production namespace?”
Provide context about what you’re trying to accomplish

Use Natural Language

The Copilot understands conversational queries
No need to use specific command syntax

Leverage Context Awareness

When viewing a specific dashboard or report, ask “What should I fix first on this page?”
The Copilot can see your current view and provide targeted recommendations

Follow-up Questions

Ask clarifying questions to dig deeper
Request code examples, step-by-step instructions, or alternative approaches

Combine Multiple Requests

“Show me all violations in the production cluster and suggest which ones to fix first”
The Copilot will automatically use multiple tools to provide comprehensive answers

Monitor AI Usage

All AI Copilot interactions consume AI credits from your monthly allocation. You can monitor your usage and track conversations in the AI Usage section.

To check your AI usage:

Navigate to Settings > Account
Click on the AI Usage tab
View your usage metrics including:
- Total tokens consumed
- Remaining credits for the current billing period
- Detailed conversation history with token counts

For complete details about AI usage tracking and metrics, see the AI Usage documentation.