#Policy
Showing 45 of 45 repositories tagged #policy, ranked by stars
Open Policy Agent (OPA) is an open source, general-purpose policy engine.
Prevent Kubernetes misconfigurations from reaching production (again ๐ค )! From code to cloud, Datree provides an E2E policy enforcement solution to run automatic checks for rule violations. See our docs: https://hub.datree.io
Policy and data administration, distribution, and real-time updates on top of Policy Agents (OPA, Cedar, ...)
The corrective bash syntax highlighter
Generate a customized Privacy Policy and Terms of Use document for your mobile apps
Cerbos is the open core, language-agnostic, scalable authorization solution that makes user permissions and authorization simple to implement and manage by writing context-aware access control policies for your application resources.
๐ Policy Controller for Kubernetes
Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (LSM-BPF, AppArmor).
KCL Programming Language Core and API (CNCF Sandbox Project). https://kcl-lang.io
Curated resources help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. Please provide feedback or requests by raising issues, or making a pull request. All feedback for improvements are welcome. thank you.
A proposed standard that allows websites to define security policies.
A GitHub App that enforces approval policies on pull requests
building a chinese dialogue system based on the newest version of rasa(ๅบไบๆๆฐ็ๆฌrasaๆญๅปบ็ๅฏน่ฏ็ณป็ป)
Project Calico's per-host agent Felix, responsible for programming routes and security policy.
Pike is a tool for determining the permissions or policy required for IAC code
๐ The OPA Gatekeeper policy library
A secure* runtime for autonomous AI agents. Policy from plain-English constitutions. (*https://ironcurtain.dev)
Enterprise Azure Policy-as-Code (EPAC) solution
vArmor is a cloud-native container hardening system that leverages AppArmor/BPF/Seccomp and NetworkProxy technologies to enforce access control from system calls to application protocols โ protecting workloads including AI Agents.
Kubernetes tool for scanning clusters for network policies and identifying unprotected workloads.
OTel Weaver lets you easily develop, validate, document, and deploy semantic conventions
Kubernetes security tool for policy enforcement
An open source, cloud-native security to protect everything from build to runtime
A policy management tool for interacting with Gatekeeper
SELinux Reference Policy v2
A plugin to enforce OPA policies with Envoy
Execution-Layer Security (ELS) for AI agents โ policy-enforced shell with audit.
Sidecar for managing OPA instances in Kubernetes.
:unicorn: Type safe K8s middleware for humans
Demoing Kubernetes/AKS features
Privacy transformations on Spark and Pandas dataframes backed by a simple policy language.
Permission enforcement extension for the Pi coding agent.
Curated catalog of generally useful kpt functions
A curated list of tools, frameworks, and resources for IT compliance, security standards, and regulatory requirements
This is the public security policy of CISOfy, with extra resources like security tools.
Kyverno for any JSON!
This repository contains a sample IAM permissions boundary as a starting point for creating your own permissions boundary to meet the security needs of your organization. The IAM permissions boundary sample, when attached to an IAM role, allow it to perform all expected workload tasks without being able to modify the security of its environment.
INTERCEPT / Policy as Code Auditing
The Container Security Bookโa free book for practitioners
This projects contains pre-made policies for Kubernetes Validating Admission Policies. This policy library is based on Kubescape controls, see here a comlete list https://hub.armosec.io/docs/controls
Spotter is a comprehensive Kubernetes security scanner that uses CEL-based rules to identify security vulnerabilities, misconfigurations, and compliance violations across your Kubernetes clusters, manifests, and CI/CD pipelines.
Share Terraform best practices and custom modules with the community
A cryptographically verifiable access control and directory system for Linux servers
RBAC-based And Policy-based Multi-Tenant Reactive Security Framework | ๅบไบ RBAC ๅ็ญ็ฅ็ๅค็งๆทๅๅบๅผๅฎๅ จๆกๆถ
This repository includes cloud security policies for IaC and live resources.