Getting Started

Quick start guide for Kyverno MCP

Quick Start

This guide will help you get started with Kyverno MCP in minutes.

Prerequisites

Before you begin, ensure you have:

  • Access to a Kubernetes cluster
  • A valid kubeconfig file
  • Kyverno installed in your cluster (optional, but recommended)

Step 1: Install Kyverno MCP

Choose your preferred installation method:

Using Homebrew (macOS/Linux)

brew tap nirmata/tap
brew install kyverno-mcp

Download Binary

Download the appropriate binary for your platform from the Nirmata downloads page.

Step 2: Configure Your MCP Client

Add Kyverno MCP to your MCP client configuration. For example, in Claude Desktop:

  1. Open your Claude Desktop configuration file:

    • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
    • Windows: %APPDATA%\Claude\claude_desktop_config.json
  2. Add the Kyverno MCP server:

{
  "mcpServers": {
    "kyverno": {
      "command": "/path/to/kyverno-mcp",
      "args": [
        "--kubeconfig=/path/to/your/kubeconfig"
      ]
    }
  }
}

Step 3: Test the Connection

  1. Start your MCP client (e.g., Claude Desktop)
  2. Ask about your Kubernetes contexts:
Can you list my available Kubernetes contexts?
  1. The assistant should be able to list your contexts using the list_contexts tool

Step 4: Apply Your First Policy

Try scanning your cluster with recommended policy sets for pod security, RBAC and Kubernetes best practices:

Scan my cluster for policy violations

The assistant will use the apply_policies tool to apply curated pod security policies.

Step 5: Check for Violations

Monitor policy violations:

Show me any policy violations in my cluster

The assistant will use the show_violations tool to display any policy violations.

What’s Next?