Top 13 Go Policy Projects
-
datree
Prevent Kubernetes misconfigurations from reaching production (again 😤 )! From code to cloud, Datree provides an E2E policy enforcement solution to run automatic checks for rule violations. See our docs: https://hub.datree.io
-
cerbos
Cerbos is the open core, language-agnostic, scalable authorization solution that makes user permissions and authorization simple to implement and manage by writing context-aware access control policies for your application resources.
-
KubeArmor
Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (BPF-LSM, AppArmor).
-
gke-policy-automation
Tool and policy library for reviewing Google Kubernetes Engine clusters against best practices
-
netfetch
Kubernetes tool for scanning clusters for network policies and identifying unprotected workloads.
-
discovery-engine
Discover least permissive security posture, Network Microsegmentation, and Application behaviour based on visibility/observability data emitted from policy engines.
How can we handle this? Are there any mechanisms to prevent, or at least to some extent safeguard against, this kind of issue without falling back to a manual workflow? There are. One huge advantage of sticking to (de facto) standards like Terraform is that, first, we are probably not the first ones to come up with this question and, second, there is a huge ecosystem around Terraform that might help us with such challenges. And for this specific scenario the solution is the Open Policy Agent. Let us take a closer look at what the solution could look like.
Project mention: Shrink to Secure: Kubernetes and Secure Compact Containers | news.ycombinator.com | 2023-07-02
Pike is a tool that analyzes Terraform managed resources and automatically generates the necessary IAM permissions, improving security by ensuring that only the minimum necessary permissions are granted.
Project mention: Who's actually using network policies in their clusters? Why/why not? | /r/kubernetes | 2023-12-08
https://github.com/deggja/netfetch IDK, there might already be tools out there that do this, but I could not find any.
Go Policy related posts
- SAP BTP, Terraform and Open Policy Agent
- 🖌️⚙️ Innovate Like Da Vinci: Blending Art and Science in Software Development
- Get started with Cerbos Hub
- Cerbos v0.32 released!
- Securing CI/CD Images with Cosign and OPA
- OPA vs. Google Zanzibar: A Brief Comparison
Index
What are some of the best open-source Policy projects in Go? This list will help you:
# | Project | Stars |
---|---|---|
1 | OPA (Open Policy Agent) | 9,118 |
2 | datree | 6,407 |
3 | gatekeeper | 3,465 |
4 | cerbos | 2,502 |
5 | KubeArmor | 1,273 |
6 | policy-bot | 705 |
7 | gke-policy-automation | 508 |
8 | pike | 499 |
9 | konstraint | 373 |
10 | opa-envoy-plugin | 306 |
11 | cnspec | 234 |
12 | netfetch | 131 |
13 | discovery-engine | 28 |