opal
azure-policy
Our great sponsors
opal | azure-policy | |
---|---|---|
12 | 9 | |
13 | 1,430 | |
- | 2.0% | |
0.0 | 8.1 | |
8 days ago | 11 days ago | |
Python | Open Policy Agent | |
Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
opal
- OPAL - realtime updates for Open-Policy-Agent (open-source)
-
Any open-source project that uses FastAPI?
We'd love a hand with https://github.com/authorizon/opal (OPAL.ac) fully written in FastAPI, as well as Typer.
- Monthly 'Shameless Self Promotion' thread - 2021/05
-
Upcoming PyCon talk about the RPC and Pub/Sub Python packages powering OPAL.ac
I'll be speaking in the upcoming [PyCon Israel](https://pycon.org.il/2021/) about https://github.com/authorizon/fastapi_websocket_pubsub and https://github.com/authorizon/fastapi_websocket_rpc the two communication packages powering both [OPAL.ac](https://opal.ac) and [authorizon.com](https://www.authorizon.com) Will also share the talk itself after PyCon publish it to Youtube
-
Opal open source adds realtime updates to Open-Policy-Agent
And of course - you're more than welcome to try it.
https://github.com/authorizon/opal
- Introducing OPAL: real-time policy and data updates on top of Open Policy Agent (Open Source)
-
OPAL - New cloud-native open-source for realtime authorization, 100% Python
https://opal.ac https://github.com/authorizon/opal
-
Introducing OPAL: real-time policy and data updates on top of Open Policy Agent
OPAL comes with prebuilt docker images you can use in any cloud environment - and of course in Google Cloud as well :)
-
OPAL - a new open-source for access control based on FastAPI and Typer
Check out our website at opal.ac and the project on github.
azure-policy
- VMSS Azure Policy Compliance
-
Automation as key to cloud adoption success
Reference: https://github.com/Azure/azure-policy
-
Favorite cloud provider governance tips and tricks?
I just came across this post over in the Azure subreddit and it gave me a good idea on one way to deal with rogue Azure subscriptions - just have them default into a Management Group where a policy is in-place that basically denies use of any and all services.
-
How can we stop random users in our on-prem AD from creating new Azure subscriptions?
Oooo, that's a nice trick for the use of the root management group which usually has best practice to leave empty. I like that a lot! Could maybe pair that with the "deny all resource types" policy sample, and then even if someone does create a new subscription it's pretty much 100% neutered until someone pulls it out of the root management group and places it somewhere else.
-
Architecture on Decommission huge list of old Azure servers
Found a 2018 Github article - https://github.com/Azure/azure-policy/issues/102
-
Public assets
MS Repo https://github.com/Azure/azure-policy/tree/master/built-in-policies/policyDefinitions
-
How can I resolve this Security center recommendation: "Replace a process level token"
I can see here that is expecting azure-policy/AzureWindowsBaseline.mof at master · Azure/azure-policy · GitHub: "LOCAL SERVICE, NETWORK SERVICE". However, that would exclude the web app pools.
-
Iron Dome = 'Security Policies' at scale for your Multi-Cloud accounts
Azure shared with us a GitHub repository contains built-in samples of Azure Policies that can be used as reference for creating and assigning policies to your subscriptions and resource groups.
-
Compliance with policy or blueprints?
The only real way you'll be able to do this is via an Azure Policy, alongside a deny effect - where your policy would restrict based on the type field, with the values passed in via an array parameter (example)
What are some alternatives?
opa-envoy-plugin - A plugin to enforce OPA policies with Envoy
OPA (Open Policy Agent) - Open Policy Agent (OPA) is an open source, general-purpose policy engine.
fastapi_websocket_pubsub - Fork of https://github.com/permitio/fastapi_websocket_pubsub
shellharden - The corrective bash syntax highlighter
OPAL - Policy and data administration, distribution, and real-time updates on top of Policy Agents (OPA, Cedar, ...)
balanced-employee-ip-agreement - GitHub's employee intellectual property agreement, open sourced and reusable
dispatch - All of the ad-hoc things you're doing to manage incidents today, done for you, and much more!
Community-Policy - This repo is for Microsoft Azure customers and Microsoft teams to collaborate in making custom policies.
kraken - Kraken CI is a continuous integration and testing system.
Certified-Kubernetes-Security-Specialist - Curated resources help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. Please provide feedback or requests by raising issues, or making a pull request. All feedback for improvements are welcome. thank you.
azure-functions-python-samples - Azure Functions Python Sample Codes. NOTE: The project, hosted in a repository, is no longer actively maintained by its creators or contributors. There won't be any further updates, bug fixes, or support from the original developers in the project.
AKS - Azure Kubernetes Service