Top 23 Iam Open-Source Projects

• casbin

  38 16,865 7.2 Go

  An authorization library that supports access control models like ACL, RBAC, ABAC in Golang: https://discord.gg/S5UjpzGZjN

  

Project mention: A guide to Auth & Access Control in web apps 🔐 | dev.to | 2023-11-07

https://casbin.org/ (multiple approaches, multiple languages, provider) Open source authZ library that has support for many access control models (ACL, RBAC, ABAC, …) and many languages (Go, Java, Node.js, JS, Rust, …). While somewhat complex, it is also powerful and flexible. They also have their Casdoor platform, which is authN and authZ provider.

• awesome-aws

  2 12,165 2.6 Python

  A curated list of awesome Amazon Web Services (AWS) libraries, open source repos, guides, blogs, and other resources. Featuring the Fiery Meter of AWSome.

• InfluxDB

  www.influxdata.com sponsored

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• prowler

  24 9,547 9.8 Python

  Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

  

Project mention: Ask HN: Cloud security auditing for indie-grade projects? | news.ycombinator.com | 2023-12-04

Which cloud provider?

https://github.com/prowler-cloud/prowler is easy to get going with, and gives decent results. It's much stronger at AWS than GCP or Azure.

Steampipe can be a little harder to wrap your head around, but scales really well and has broader support: https://hub.steampipe.io/mods?objectives=security

• my-arsenal-of-aws-security-tools

  6 8,702 5.1 Shell

  List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

• aws-vault

  49 8,141 1.7 Go

  A vault for securely storing and accessing AWS credentials in development environments

  

Project mention: Keep your AWS CLI config fresh with Cog | dev.to | 2024-03-28

Undying fondness for aws-vault to securely cache my session credentials.

• Pomerium

  26 3,843 9.7 Go

  Pomerium is an identity and context-aware reverse proxy for zero-trust access to web applications and services.

  

Project mention: OAuth server for authorization | /r/googlecloud | 2023-12-05

Option 3: Pomerium might be an alternative as well.

• Security-101

  1 3,291 7.9

  8 Lessons, Kick-start Your Cybersecurity Learning.

  

Project mention: Microsoft Security-101: Open-Source curriculum | news.ycombinator.com | 2024-02-29

• WorkOS

  workos.com sponsored

  The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  

• iamlive

  30 2,952 6.2 Go

  Generate an IAM policy from AWS, Azure, or Google Cloud (GCP) calls using client-side monitoring (CSM) or embedded proxy

Project mention: Why has AWS made IAM Actions impossible to find? | /r/aws | 2023-05-31

Also things like this (same guy) if you have a sandbox to play in with wider permissions and are trying to build a more scoped profile: https://github.com/iann0036/iamlive

• aws-iam-authenticator

  9 2,144 8.2 Go

  A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster

  

Project mention: A Step-by-Step Guide to Easily Deploying EKS Infrastructure and Applications Using Terraform | dev.to | 2024-02-04

curl -Lo aws-iam-authenticator https://github.com/kubernetes-sigs/aws-iam-authenticator/releases/download/v0.5.9/aws-iam-authenticator_0.5.9_linux_amd64 chmod +x ./aws-iam-authenticator mkdir -p $HOME/bin && cp ./aws-iam-authenticator $HOME/bin/aws-iam-authenticator && export PATH=$PATH:$HOME/bin echo 'export PATH=$PATH:$HOME/bin' >> ~/.bashrc

• kanidm

  12 2,133 9.7 Rust

  Kanidm: A simple, secure and fast identity management platform

  

Project mention: Identity Management Solutins | /r/openSUSE | 2023-05-25

Check this: https://github.com/kanidm/kanidm/ Maybe not production ready, but looks very promising

• policy_sentry

  5 1,938 8.1 Python

  IAM Least Privilege Policy Generator

  

• awesome-iam

  2 1,571 7.1

  👤 Identity and Access Management knowledge for cloud platforms

Project mention: Why use OpenID Connect instead of plain OAuth2? | news.ycombinator.com | 2023-06-27

You can start with: https://github.com/kdeldycke/awesome-iam . But beware of the rabbit hole!

• infra

  20 1,350 7.4 Go

  Infra provides authentication and access management to servers and Kubernetes clusters.

  

Project mention: Recommendations for a better way to grant access in K8s on a granular level? | /r/kubernetes | 2023-09-05

Check out https://infrahq.com. I saw the founder give a talk at the Civo conference in Feb.

• PMapper

  7 1,323 0.0 Python

  A tool for quickly evaluating IAM permissions in AWS.

  

• warrant

  39 979 8.9 Go

  Warrant is a highly scalable, centralized authorization service based on Google Zanzibar, used for defining, querying, and auditing application authorization models and access control rules.

  

Project mention: A list of SaaS, PaaS and IaaS offerings that have free tiers of interest to devops and infradev | dev.to | 2024-02-05

Warrant — Hosted enterprise-grade authorization and access control service for your apps. The free tier includes 1 million monthly API requests and 1,000 authz rules.

• awesome-auth

  4 895 4.9

  📊 Software and Libraries for Authentication & Authorization & SSO & IAM

  

• granted

  15 888 8.7 Go

  The easiest way to access your cloud.

  

Project mention: Ask HN: How do you manage many profiles and credentials for cloud tooling? | news.ycombinator.com | 2023-10-03

You're going to love https://granted.dev. It can be extended further, as we've done internally: https://www.duckbillgroup.com/blog/overhauling-aws-account-a...

• auth

  13 826 7.6 TypeScript

  A GitHub Action for authenticating to Google Cloud. (by google-github-actions)

  

Project mention: Push code with GitHub Actions to Google Cloud’s Artifact Registry | dev.to | 2024-04-10

This workflow will authenticate with Google Cloud using the Google Cloud auth GitHub Action and use Docker to authenticate and push to the registry. To make this workflow work (or flow?) we need to set up some Google Cloud resources and add in those values for our environment variables. Make sure to add in the value for PROJECT_ID where you have permission to create resources. The value for IMAGE_NAME can be anything — it’ll be created the first time this workflow runs:

• trailscraper

  6 762 8.9 Python

  A command-line tool to get valuable information out of AWS CloudTrail

• iam-policy-json-to-terraform

  3 758 7.5 Go

  Small tool to convert an IAM Policy in JSON format into a Terraform aws_iam_policy_document

• AirIAM

  3 752 0.0 Python

  Least privilege AWS IAM Terraformer

  

Project mention: AWS Networking Concepts in a Diagram | news.ycombinator.com | 2023-07-22

ugh access + least privilege on AWS + GCP is really hard

not made easier by the fact that debugging service accounts can sometimes require rebooting boxes or clusters

'cloud traceroute' to discover where exactly the problem is would be amazing

(in fairness there are 'least privilege' tools I haven't tried -- listed below and I recall reading about others)

1. iam access analyzer https://aws.amazon.com/blogs/security/iam-access-analyzer-ma...

2. airiam https://github.com/bridgecrewio/AirIAM

3. policy simulator https://cloud.google.com/policy-intelligence/docs/iam-simula...

• terraform-aws-iam

  4 751 8.0 HCL

  Terraform module to create AWS IAM resources 🇺🇦

  

Project mention: Help with the official EKS module | /r/Terraform | 2023-05-30

You need to create IRSA part and give it as a variable for addons. You can GitHub repository for more details https://github.com/terraform-aws-modules/terraform-aws-iam/tree/master/modules/iam-role-for-service-accounts-eks

• ssh-over-ssm

  2 720 3.2 Shell

  SSH over AWS SSM. No bastions or public-facing instances. SSH user management through IAM. No requirement to store SSH keys locally or on server.

• SaaSHub

  www.saashub.com sponsored

  SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

  

Iam related posts

• Keep your AWS CLI config fresh with Cog
  2 projects | dev.to | 28 Mar 2024
• A Step-by-Step Guide to Easily Deploying EKS Infrastructure and Applications Using Terraform
  2 projects | dev.to | 4 Feb 2024
• OAuth server for authorization
  1 project | /r/googlecloud | 5 Dec 2023
• Ask HN: How do you manage many profiles and credentials for cloud tooling?
  1 project | news.ycombinator.com | 3 Oct 2023
• Krptn: User Auth and Encryption of data at rest, derived from users’ credentials
  4 projects | news.ycombinator.com | 12 Sep 2023
• Recommendations for a better way to grant access in K8s on a granular level?
  1 project | /r/kubernetes | 5 Sep 2023
• AWS Networking Concepts in a Diagram
  1 project | news.ycombinator.com | 22 Jul 2023
• A note from our sponsor - WorkOS
  workos.com | 28 Apr 2024

  The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →

Index

Sponsored

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com