deprecated-api-versions-policy
cedar-agent
deprecated-api-versions-policy | cedar-agent | |
---|---|---|
1 | 7 | |
15 | 121 | |
- | 4.1% | |
6.9 | 6.3 | |
7 days ago | 15 days ago | |
Rust | Rust | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
deprecated-api-versions-policy
-
Isint release cycle becoming a bit crazy with monthly releases and deprecations ?
If you use something like kubewarden, people write policies and update them on GitHub for example
cedar-agent
-
How Reddit Built Authorization with OPA
Open Policy Administration Layer (OPAL), is an open source administration layer for Policy Engines such as Open Policy Agent (OPA), and AWS' Cedar Agent that detects changes to both policy and policy data in real time and pushes live updates to those agents. Using Git repositories and GitOps as a method for rule storage, OPAL provides several benefits:
-
Python Authorization Anti-Patterns and How to Avoid Them
This is_authorize function is calling the Cedar-agent, an engine that can evaluate the policy and return the decision. The function is generic and can be used with any policy model.
-
Authorization and Cedar: A New Way to Manage Permissions - Part II
There is also open source project called cedar-agent to make life easier when working with Cedar policies.
- cedar-agent
- Show HN: Run AWS Cedar Policy Like OPA
- Show HN: Cedar Policy Agent – Run AWS Cedar Like OPA
- Cedar Policy Language Is Now Open Source
What are some alternatives?
checkov - Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
Kubewarden - Kubewarden is a policy engine for Kubernetes. It helps with keeping your Kubernetes clusters secure and compliant. Kubewarden policies can be written using regular programming languages or Domain Specific Languages (DSL) sugh as Rego. Policies are compiled into WebAssembly modules that are then distributed using traditional container registries.
enhancements - Enhancements tracking repo for Kubernetes
cedar-authorization-service - The Cedar Authorization Service is a lightweight, standalone server developed in Rust that is designed to evaluate and enforce access control policies written in Cedar, an open-source policy language developed by AWS.
genact - 🌀 A nonsense activity generator
cloudformation-guard - Guard offers a policy-as-code domain-specific language (DSL) to write rules and validate JSON- and YAML-formatted data such as CloudFormation Templates, K8s configurations, and Terraform JSON plans/configurations against those rules. Take this survey to provide feedback about cfn-guard: https://amazonmr.au1.qualtrics.com/jfe/form/SV_bpyzpfoYGGuuUl0
OPAL - Policy and data administration, distribution, and real-time updates on top of Policy Agents (OPA, Cedar, ...)
lumen - An alternative BEAM implementation, designed for WebAssembly
Opal - Ruby ♥︎ JavaScript
boa - Boa is an embeddable and experimental Javascript engine written in Rust. Currently, it has support for some of the language.