| | RADIUS-to-Okta-MFA | iambic |
|---|---|---|
| | 1 | 11 |
| Stars | 8 | 272 |
| Growth | - | 1.5% |
| Activity | 7.0 | 9.5 |
| | 8 days ago | 3 days ago |
| Language | Python | Python |
| License | MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
RADIUS-to-Okta-MFA
- MFA recommendations for on-prem
  https://github.com/bdalpe/RADIUS-to-Okta-MFA#using-samaccountname-to-find-a-user
iambic
- Open source IAM-as-code through IAMbic
  Hello everyone! We are working on an open-source IAM-as-code solution called IAMbic, and recently added AWS Service Control Policy support (AWS guardrails, typically used for compliance). IAMbic represents your IAM in Git as YAML files (called iambic templates). An example repository of templates managed by IAMbic is here. The goal is that you can download IAMbic, and go from your cloud to code in ~10 minutes without needing to write any code yourself. Any changes you make (via clicking in the cloud console, running `terraform apply`, etc.) are captured by IAMbic and updated in Git, so you have a running Git history of all IAM changes over time, and Git is an eventually consistent, reliable source of truth for permissions. IAMbic templates are bi-directional, so when you want to manage identities in IAMbic (like cookie-cutter engineering IAM roles or AWS SSO permission sets), you go through a GitOps workflow, get approval, and instruct IAMbic to apply the changes. We have some examples in our IAMOps Philosophy docs. If you want resources to be solely managed by IAMbic, you can instruct IAMbic to prevent drift on these resources. You can also declaratively define temporary access or permissions in the format (like: "I want userA to have access to the Salesforce app in Okta for 12 hours" or "I want to have S3 permissions to BucketA on the engineering role on the prod AWS account until DATE"). We're really looking for feedback because we want this to be a compelling solution. What are your thoughts? How can we make this better?
- Open source IAM-as-code
  We are working on an open-source IAM-as-code solution called IAMbic, and recently added AWS Service Control Policy support (AWS guardrails, typically used for compliance).
- Are there any open source tools to centrally manage IAM policies?
  There is IAMbic - github.com/noqdev/iambic. It puts all of your IAM (regardless of whether you're using terraform) in git, keeps track of all changes, and lets you round-trip changes through Git PRs.
- IAMbic, A multi-account identity-centric IaC
  IAMbic Repo
  Here's the github for anyone curious: https://github.com/noqdev/iambic
- AWS Permission Bouncers: Letting Loose in Dev, Keeping it Tight in Prod
  Hi there, I wrote a blog post that y'all may be interested in. It discusses how to manage cross-account AWS IAM permissions for different teams with an open-source Python tool called IAMbic. Would love feedback!
- Are there any AWS or 3rd party tools for centralizing IAM roles/policies?
  super vague.. are you looking for an IdP? SSO? something like iambic
- IAMbic: OSS Cloud IAM as Code
- IAMbic: Open Source Multi-cloud IAM-as-code
- IAMbic: OSS Multi-cloud IAM-as-code
  I’m Curtis, and I’m excited to announce the open-source launch of IAMbic (IAM, but in code), a multi-cloud control plane that simplifies IAM management in a GitOps workflow. It’s like Terraform for Cloud IAM, but way easier. See for yourself on GitHub.
What are some alternatives?
FreeRADIUS - FreeRADIUS - A multi-protocol policy server.
iambic-templates-examples - A fully working example of iambic-templates
GlobalProtect-openconnect - A GlobalProtect VPN client for Linux, written in Rust, based on OpenConnect and Tauri, supports SSO with MFA, Yubikey, etc.
checkov - Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
daloRADIUS - daloRADIUS is an advanced RADIUS web management application for managing hotspots and general-purpose ISP deployments. It features user management, graphical reporting, accounting, a billing engine, and integrates with OpenStreetMap for geolocation. The system is based on FreeRADIUS with which it shares access to the backend database.
authum - Awesome authentication tool for connecting command line applications to SAML/OIDC identity and service providers
vmam - VLAN Mac-address Authentication Manager