Authz Control Point

Runtime authorization for Kubernetes and cloud services using Kyverno AuthZ — in private preview.

In Private Preview — This feature is available to select customers. Contact us to learn more.

Overview

The Nirmata Authorization Service provides runtime, identity-aware authorization for Kubernetes and cloud services, built on Kyverno AuthZ. It enables policy-driven access control decisions with full audit trails — going beyond admission control to govern every API call in real time.

What’s Included

  • Identity-aware authorization — decisions based on user identity, group membership, and contextual attributes
  • Kyverno AuthZ integration — leverage your existing Kyverno policies for runtime authorization
  • Kubernetes SubjectAccessReview webhook — drop-in replacement for standard RBAC with policy-enriched decisions
  • Full audit trail — every authorization decision logged with policy context
  • Exception handling — manage authorization exceptions through Nirmata Control Hub
  • Integration with external identity providers — OIDC, SAML, and cloud IAM support

Get Access

The Authorization Service is currently available in private preview for select customers.

Contact Us to Learn More →