20:["$","$L14","/manual/06-glossary/k8s/opa-gatekeeper",{"href":"/manual/06-glossary/k8s/opa-gatekeeper","aria-current":"$undefined","className":"rounded-full border px-3 py-1 transition border-neutral-200 text-neutral-600 hover:border-neutral-400 hover:text-neutral-900 dark:border-neutral-700 dark:text-neutral-300 dark:hover:border-neutral-500 dark:hover:text-neutral-100","children":"OPA Gatekeeper"}] 21:["$","div",null,{"className":"space-y-6 text-base leading-7 text-neutral-800 dark:text-neutral-200 [&_h2]:mt-10 [&_h2]:text-2xl [&_h2]:font-semibold [&_h3]:mt-8 [&_h3]:text-xl [&_h3]:font-semibold [&_li]:list-disc [&_li]:pl-2 [&_ol]:list-decimal [&_ol]:pl-4 [&_ul]:list-disc [&_ul]:pl-4 [&_a]:text-blue-600 [&_a:hover]:underline dark:[&_a]:text-blue-400 [&_code]:rounded [&_code]:bg-neutral-100 [&_code]:px-1 dark:[&_code]:bg-neutral-800 dark:[&_code]:text-neutral-100 [&_pre]:overflow-x-auto [&_pre]:rounded [&_pre]:bg-neutral-900 [&_pre]:p-4 dark:[&_pre]:bg-neutral-800 dark:[&_pre]:text-neutral-100 [&_strong]:font-semibold","dangerouslySetInnerHTML":{"__html":"

Definition

Kubernetes components that intercept API requests to validate or mutate objects before they persist.

Why it matters

Enables policy enforcement (security, compliance, resource limits) at cluster boundaries.

Common pitfalls

Silent mutations that surprise developers.
Policies without clear remediation messages.

References

Kubernetes docs: Admission Controllers
OPA Gatekeeper; Kyverno

\n"}}]