diff --git a/hack/.golint_failures b/hack/.golint_failures
index 0c2c582ef37..797ab970d0b 100644
--- a/hack/.golint_failures
+++ b/hack/.golint_failures
@@ -38,9 +38,7 @@ pkg/apis/extensions/v1beta1
 pkg/apis/flowcontrol/v1alpha1
 pkg/apis/networking/v1
 pkg/apis/node/v1alpha1
-pkg/apis/policy
 pkg/apis/policy/v1beta1
-pkg/apis/policy/validation
 pkg/apis/rbac
 pkg/apis/rbac/v1
 pkg/apis/rbac/v1alpha1
diff --git a/pkg/apis/policy/register.go b/pkg/apis/policy/register.go
index c82e200a1da..1de340f662e 100644
--- a/pkg/apis/policy/register.go
+++ b/pkg/apis/policy/register.go
@@ -38,8 +38,10 @@ func Resource(resource string) schema.GroupResource {
 }
 
 var (
+ // SchemeBuilder is the scheme builder with scheme init functions to run for this API package
 SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
- AddToScheme = SchemeBuilder.AddToScheme
+ // AddToScheme is a global function that registers this API group & version to a scheme
+ AddToScheme = SchemeBuilder.AddToScheme
 )
 
 // Adds the list of known types to the given scheme.
diff --git a/pkg/apis/policy/types.go b/pkg/apis/policy/types.go
index 4f3bad15a9f..200f62552c9 100644
--- a/pkg/apis/policy/types.go
+++ b/pkg/apis/policy/types.go
@@ -275,6 +275,7 @@ var AllowAllCapabilities api.Capability = "*"
 // FSType gives strong typing to different file systems that are used by volumes.
 type FSType string
 
+// Exported FSTypes.
 const (
 AzureFile FSType = "azureFile"
 Flocker FSType = "flocker"
diff --git a/pkg/apis/policy/validation/validation.go b/pkg/apis/policy/validation/validation.go
index 2d880a20968..366b29e4dd4 100644
--- a/pkg/apis/policy/validation/validation.go
+++ b/pkg/apis/policy/validation/validation.go
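Review bot: The comment added on AddToScheme in pkg/apis/policy/register.go says it registers "this API group & version", yet the package sits beside a separate pkg/apis/policy/v1beta1 (both appear in the .golint_failures hunk), which suggests this is the unversioned internal group. If that is right, `// AddToScheme adds the types of this API group to a scheme.` would avoid implying a served version. The `var (` block is fully inside the hunk; addKnownTypes below it is not.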
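Review bot: The added `// Exported FSTypes.` on the const block in pkg/apis/policy/types.go satisfies golint but tells a reader nothing beyond the `FSType` type line directly above it. Since the type comment says these name file systems used by volumes, a comment such as `// Volume file system types that can be named with FSType.` would state what the constants are for. The const block continues past the end of the hunk, so the remaining values are not visible here.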
@@ -35,12 +35,16 @@ import (
 psputil "k8s.io/kubernetes/pkg/security/podsecuritypolicy/util"
 )
 
+// ValidatePodDisruptionBudget validates a PodDisruptionBudget and returns an ErrorList
+// with any errors.
 func ValidatePodDisruptionBudget(pdb *policy.PodDisruptionBudget) field.ErrorList {
 allErrs := ValidatePodDisruptionBudgetSpec(pdb.Spec, field.NewPath("spec"))
 allErrs = append(allErrs, ValidatePodDisruptionBudgetStatus(pdb.Status, field.NewPath("status"))...)
 return allErrs
 }
 
+// ValidatePodDisruptionBudgetSpec validates a PodDisruptionBudgetSpec and returns an ErrorList
+// with any errors.
 func ValidatePodDisruptionBudgetSpec(spec policy.PodDisruptionBudgetSpec, fldPath *field.Path) field.ErrorList {
 allErrs := field.ErrorList{}
 
@@ -63,6 +67,8 @@ func ValidatePodDisruptionBudgetSpec(spec policy.PodDisruptionBudgetSpec, fldPat
 return allErrs
 }
 
+// ValidatePodDisruptionBudgetStatus validates a PodDisruptionBudgetStatus and returns an ErrorList
+// with any errors.
 func ValidatePodDisruptionBudgetStatus(status policy.PodDisruptionBudgetStatus, fldPath *field.Path) field.ErrorList {
 allErrs := field.ErrorList{}
 allErrs = append(allErrs, apivalidation.ValidateNonnegativeField(int64(status.PodDisruptionsAllowed), fldPath.Child("podDisruptionsAllowed"))...)
@@ -78,6 +84,8 @@ func ValidatePodDisruptionBudgetStatus(status policy.PodDisruptionBudgetStatus,
 // trailing dashes are allowed.
 var ValidatePodSecurityPolicyName = apimachineryvalidation.NameIsDNSSubdomain
 
+// ValidatePodSecurityPolicy validates a PodSecurityPolicy and returns an ErrorList
+// with any errors.
 func ValidatePodSecurityPolicy(psp *policy.PodSecurityPolicy) field.ErrorList {
 allErrs := field.ErrorList{}
 allErrs = append(allErrs, apivalidation.ValidateObjectMeta(&psp.ObjectMeta, false, ValidatePodSecurityPolicyName, field.NewPath("metadata"))...)
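Review bot: The new comment on ValidatePodDisruptionBudget says it validates a PodDisruptionBudget, but the body shown in the first hunk checks only `pdb.Spec` and `pdb.Status`; unlike ValidatePodSecurityPolicy in the hunk at -78, it makes no ValidateObjectMeta call. The comment should say so, for example `// ValidatePodDisruptionBudget validates the spec and status of a PodDisruptionBudget; object metadata is not checked here.`, so a caller does not assume the name and namespace were validated by this function. The same "validates X and returns an ErrorList with any errors" wording on the Spec and Status validators, and on the PodSecurityPolicy validators in the later hunks, only restates the signature. Their bodies run outside the hunks, so what each one actually enforces cannot be summarized from here.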
@@ -86,6 +94,8 @@ func ValidatePodSecurityPolicy(psp *policy.PodSecurityPolicy) field.ErrorList {
 return allErrs
 }
 
+// ValidatePodSecurityPolicySpec validates a PodSecurityPolicySpec and returns an ErrorList
+// with any errors.
 func ValidatePodSecurityPolicySpec(spec *policy.PodSecurityPolicySpec, fldPath *field.Path) field.ErrorList {
 allErrs := field.ErrorList{}
 
@@ -114,6 +124,8 @@ func ValidatePodSecurityPolicySpec(spec *policy.PodSecurityPolicySpec, fldPath *
 return allErrs
 }
 
+// ValidatePodSecurityPolicySpecificAnnotations validates annotations and returns an ErrorList
+// with any errors.
 func ValidatePodSecurityPolicySpecificAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList {
 allErrs := field.ErrorList{}
 
@@ -335,10 +347,13 @@ func validatePSPAllowedProcMountTypes(fldPath *field.Path, allowedProcMountTypes
 }
 
 const sysctlPatternSegmentFmt string = "([a-z0-9][-_a-z0-9]*)?[a-z0-9*]"
+
+// SysctlPatternFmt is a regex used for matching valid sysctl patterns.
 const SysctlPatternFmt string = "(" + apivalidation.SysctlSegmentFmt + "\\.)*" + sysctlPatternSegmentFmt
 
 var sysctlPatternRegexp = regexp.MustCompile("^" + SysctlPatternFmt + "$")
 
+// IsValidSysctlPattern checks if name is a valid sysctl pattern.
 func IsValidSysctlPattern(name string) bool {
 if len(name) > apivalidation.SysctlMaxLength {
 return false
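Review bot: SysctlPatternFmt is exported without anchors, and the new comment in the last hunk ("a regex used for matching valid sysctl patterns") does not say so; only the unexported sysctlPatternRegexp wraps it in `^` and `$`. A caller that compiles the constant directly would accept any string that merely contains a valid pattern, so the comment should carry the caveat: `// SysctlPatternFmt is the unanchored regex for a sysctl pattern; anchor it with ^ and $ before matching.` The IsValidSysctlPattern comment could likewise mention the `apivalidation.SysctlMaxLength` check visible in its first lines. The rest of that function is outside the hunk.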