{"id":30215182,"url":"https://github.com/5gsec/nimbus","last_synced_at":"2025-08-14T02:02:59.926Z","repository":{"id":208661654,"uuid":"721907099","full_name":"5GSEC/nimbus","owner":"5GSEC","description":"Intent driven security automation framework","archived":false,"fork":false,"pushed_at":"2025-08-12T08:02:57.000Z","size":157462,"stargazers_count":26,"open_issues_count":81,"forks_count":11,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-08-12T08:27:36.799Z","etag":null,"topics":["5g","5g-core","intents","k8s","o-ran","operator-sdk","security"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/5GSEC.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-11-22T02:54:21.000Z","updated_at":"2025-06-22T06:54:33.000Z","dependencies_parsed_at":"2023-12-18T12:30:44.220Z","dependency_job_id":"72fa07f3-4ddd-4e1c-8b4d-441b0931565a","html_url":"https://github.com/5GSEC/nimbus","commit_stats":null,"previous_names":["5gsec/nimbus"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/5GSEC/nimbus","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/5GSEC%2Fnimbus","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/5GSEC%2Fnimbus/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/5GSEC%2Fnimbus/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/5GSEC%2Fnimbus/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/5GSEC","download_url":"https://codeload.github.com/5GSEC/nimbus/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/5GSEC%2Fnimbus/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":270347825,"owners_count":24568605,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-14T02:00:10.309Z","response_time":75,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["5g","5g-core","intents","k8s","o-ran","operator-sdk","security"],"created_at":"2025-08-14T02:02:01.635Z","updated_at":"2025-08-14T02:02:59.836Z","avatar_url":"https://github.com/5GSEC.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Nimbus: Intent Driven Security Operator\n\n\u003e The aim for any organization should be to state its security\n\u003e goal/intents and the underlying tooling/operator should be able to convert\n\u003e these goals/intents into actionable elements such as policies/rules.\n\nNimbus aims to decouple security intents from its actual implementation i.e.,\nuse of policy engines and corresponding policies and rules. This pattern exists\ncommonly in Kubernetes world and the best example is a storage operator,\nwherein the user specifies the persistent volume claims with appropriate SLA\n(disk space, R/W, speed) and the operator figures out the appropriate volume to\nbind. Nimbus intends to bring in similar abstraction for security intents\nwherein the user specifies the security intent and the operator figures out the\nbest implementation method available given the deployment.\n\n* An Intent might get translated into a set of policies and not necessarily a\n  single policy thus providing multi-layer defense. For example, an intent such\n  as \"Do not allow privilege escalation\" could get translated in to admission\n  controller policy and system policy as handled by runtime security engines\n  such as [KubeArmor](https://www.kubearmor.io).\n* An intent could take into consideration runtime behavior and then handle\n  intent implementation. For e.g., an intent could be \"Do not allow privilege\n  flags for pods that are publicly reachable\".\n* An intent might get fully or partially satisfied and the bindings clearly\n  shows that status.\n* An organization can provide a blueprint of intents given a deployment and the\n  operator could go an try to satisfy those intents in best-effort or strict mode.\n\n![](docs/nimbus.png)\n\n* [Getting Started](docs/getting-started.md)\n* [Quick Tutorials](docs/quick-tutorials.md)\n* [Contribution guide](CONTRIBUTING.md)\n\n# Credits\n\nThis project is funded by NSF grant ...\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F5gsec%2Fnimbus","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F5gsec%2Fnimbus","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F5gsec%2Fnimbus/lists"}