Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
awesome-policy-as-code
A curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.
https://github.com/hysnsec/awesome-policy-as-code
Tools
Others
- Regula - A tool that evaluates CloudFormation and Terraform infrastructure-as-code for potential AWS, Azure, and Google Cloud security and compliance violations prior to deployment
- OPA - An open source, general-purpose policy engine that enables unified, context-aware policy enforcement across the entire stack
- OPAL - Policy and data administration, distribution, and real-time updates on top of Open Policy Agent
- Intercept - Policy as Code static analysis auditing
- Checkov - A static code analysis tool for infrastructure-as-code
- Terrascan - Detects security vulnerabilities and compliance violations across your Infrastructure as Code
- kics - Find security vulnerabilities, compliance issues, and infrastructure misconfigurations earlier
- Gatekeeper - Policy Controller for Kubernetes
- Gatekeeper Policy Manager (GPM) - A simple-to-use, web-based Gatekeeper policy manager
- Konstraint - A policy management tool for interacting with Gatekeeper
- Kyverno - A policy engine designed for Kubernetes. It can validate, mutate, and generate configurations using admission controls and background scans
- kube-mgmt - Sidecar for managing OPA on top of Kubernetes
- MagTape - A Policy-as-Code tool for Kubernetes that allows for evaluating Kubernetes resources against a set of defined policies to inform and enforce best practice configurations
- Fregot - A set of tools for working with the Rego policy language, which is part of the Open Policy Agent (OPA) policy engine
- Deprek8ion - A set of Rego policies to monitor Kubernetes API deprecations
- Cloud Custodian - Rules engine for cloud security, cost optimization, and governance, with a YAML DSL for policies that query, filter, and take actions on resources
- Styra DAS - Commercial tools for managing OPA at scale, created by the founders and maintainers of Open Policy Agent (OPA)
- OPCR - An open-source project that secures the software supply chain of OPA policies.
Videos
Kubernetes
- Kubernetes Native Policy As Code
- Policing Your Kubernetes Clusters with Open Policy Agent (OPA)
- Policy Enforcement on Kubernetes with Open Policy Agent
- Gatekeeper and OPA
- Gatekeeper: Flexible, Shareable Policy for Kubernetes
- K8s with OPA Gatekeeper
- Using Policy-as-Code to Manage Security Risk in K8s Before & After Deployment
- How to keep your clusters safe and healthy
Getting Started
Infrastructure-as-Code
CI/CD
Others
Blogs
Getting Started
Infrastructure-as-Code
CI/CD
Kubernetes
- Better Kubernetes Security with Open Policy Agent (OPA) - Part 1
- Better Kubernetes Security with Open Policy Agent (OPA) - Part 2
- Enforcing Policy as Code using OPA and Gatekeeper in Kubernetes
- OPA the Easy Way feat. Styra DAS!
- OPA Gatekeeper: Policy and Governance for Kubernetes
- Enforce Organizational Policies and Security Best Practices to your Kubernetes Clusters By Using OPA Gatekeeper
- Applying Pod security policies using Gatekeeper
- Authorizing Microservice APIs With OPA and Kuma
AWS
Azure