--- title: "Quick Start" description: "Getting started with nctl, the Nirmata CLI" diataxis: tutorial applies_to: product: "nctl" audience: ["developer","platform-engineer"] last_updated: 2026-04-16 url: https://docs.nirmata.io/docs/nctl/getting-started/ --- > **Applies to:** nctl 4.0 and later The Nirmata Controller (`nctl`) is a command line application that makes it easy to scan Kubernetes, Terraform, Dockerfiles and other resources for misconfigurations using default or custom Kyverno policy sets. You can use `nctl` to apply policies and **shift-left** by applying policies to Kubernetes and IaC resources directly in your code repositories, or to scan Kubernetes clusters without installing a policy engine as an admission controller in each cluster. ## Install nctl Install `nctl` using Homebrew: ```sh brew tap nirmata/tap brew install nctl ``` For more installation options, refer to the [installation guide](./installation.md). ## Scan a Kubernetes Cluster To scan a Kubernetes Cluster and publish the report, run: ```sh nctl scan kubernetes --cluster --publish ```text This command will scan your cluster using default policy sets (Pod Security Standards, RBAC Best Practices, and Kubernetes Best Practices) and publish a shareable report to Nirmata Control Hub. An email will be required to sign-in. To view additional options and detailed examples, run: ```sh nctl scan kubernetes --help ```text ## Scan a repository To scan a Git repository, run: ```sh nctl scan repository https://github.com/nirmata/demo-resources ```text To scan manifests in the current repository, run: ```sh nctl scan repository . ```text For more information and examples, run: ```sh nctl scan repository --help ```text ## Login to the Nirmata Control Hub To interact with the Nirmata Control Hub, you should first login to your account. ```bash nctl login ```text **Note**: Enter the right URL, email address, and the API Key associated with your account. The API Key can be generated by logging into your Nirmata account and navigating to the `Settings -> Profile` tab. Upon successful login, you should see this line in the output: `Validating user credentials...done!`. The configuration is written to `~/.nirmata/config` ## Commands Help For the available commands and details for each command, refer to the [Commands](./commands/) section. To learn more about the commands and different arguments supported, you can also view the command help. Here are a few examples. ```bash nctl help nctl scan --help ```text