Multitenancy

Kyverno policies for enforcing multi-tenant cluster security and isolation standards.

What’s Covered

• Namespace resource quotas — Require ResourceQuota on every namespace
• LimitRange enforcement — Ensure default limits are set per namespace
• Network isolation — Require a default-deny NetworkPolicy in each namespace
• Tenant labeling — Enforce required labels for tenant identification

All multitenancy policies are available in the Nirmata policy library on GitHub.