---
name: phase-3-runtime-weeks-9-12
description: >-
  Runtime enforcement phase overview. Policy-as-code with Kyverno, resource limits, image source verification, security context enforcement, and policy observability for production Kubernetes hardening.
---

# Phase 3: Runtime (Weeks 9-12)

## When to Use This Skill

Phase 3 extends enforcement to runtime through three critical areas:

1. **[Policy Enforcement](policy-enforcement.md)** - Core Kyverno policies for resource limits, image verification, security context
2. **[Advanced Policies](advanced-policies.md)** - Namespace quotas, pod security standards, network policies
3. **[Rollout Strategy](rollout.md)** - Audit-first deployment approach and metrics

These controls ensure only compliant workloads run in production.

---


## Implementation

See the full implementation guide in the [source documentation](https://adaptive-enforcement-lab.com/enforce/implementation-roadmap/).


## Related Patterns

- Policy-as-Code with Kyverno
- Pod Security Standards
- Runtime Security
- Implementation Roadmap Overview
- Phase 2: Automation
- Phase 4: Advanced →

## References

- [Source Documentation](https://adaptive-enforcement-lab.com/enforce/implementation-roadmap/)
- [AEL Enforce](https://adaptive-enforcement-lab.com/enforce/)