awesome-policy-as-code
A curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.
https://github.com/hysnsec/awesome-policy-as-code
Tools
Others
- Regula - A tool that evaluates CloudFormation and Terraform infrastructure-as-code for potential AWS, Azure, and Google Cloud security and compliance violations prior to deployment
- OPA - An open source, general-purpose policy engine that enables unified, context-aware policy enforcement across the entire stack
- OPAL - Policy and data administration, distribution, and real-time updates on top of Open Policy Agent
- Intercept - Policy as Code static analysis auditing
- Checkov - A static code analysis tool for infrastructure-as-code
- Terrascan - Detects security vulnerabilities and compliance violations across your Infrastructure as Code
- kics - Find security vulnerabilities, compliance issues, and infrastructure misconfigurations earlier
- Gatekeeper - Policy Controller for Kubernetes
- Gatekeeper Policy Manager (GPM) - A simple-to-use, web-based Gatekeeper policies manager
- Konstraint - A policy management tool for interacting with Gatekeeper
- Kyverno - A policy engine designed for Kubernetes. It can validate, mutate, and generate configurations using admission controls and background scans
- kube-mgmt - Sidecar for managing OPA on top of Kubernetes
- MagTape - A Policy-as-Code tool for Kubernetes that allows for evaluating Kubernetes resources against a set of defined policies to inform and enforce best practice configurations
- Fregot - A set of tools for working with the Rego policy language, which is part of the Open Policy Agent (OPA) policy engine
- Deprek8ion - A set of Rego policies to monitor Kubernetes API deprecations
- Cloud Custodian - Rules engine for cloud security, cost optimization, and governance, with a YAML DSL for policies to query, filter, and take actions on resources
- Styra DAS - Commercial tools for managing OPA at scale, created by the founders and maintainers of Open Policy Agent (OPA)
- OPCR - An open-source project that secures the software supply chain of OPA policies.
- HashiCorp Sentinel - A language and framework for policy built to be embedded in existing software to enable fine-grained, logic-based policy decisions
Blogs
Getting Started
- Using Open Policy Agent for cloud-native app authorization
- Unified cloud-native authorization: Policy everywhere and for everyone
- What is Policy as Code?
- Introducing Policy As Code: The Open Policy Agent (OPA)
- Open Policy Agent: Authorization in a Cloud Native World
Infrastructure-as-Code
CI/CD
Kubernetes
- Better Kubernetes Security with Open Policy Agent (OPA) - Part 1
- Better Kubernetes Security with Open Policy Agent (OPA) - Part 2
- Enforcing Policy as Code using OPA and Gatekeeper in Kubernetes
- OPA the Easy Way feat. Styra DAS!
- OPA Gatekeeper: Policy and Governance for Kubernetes
- Enforce Organizational Policies and Security Best Practices to your Kubernetes Clusters By Using OPA Gatekeeper
- Applying Pod security policies using Gatekeeper
- Authorizing Microservice APIs With OPA and Kuma
AWS
Azure
Videos
Kubernetes
- Kubernetes Native Policy As Code
- Policing Your Kubernetes Clusters with Open Policy Agent (OPA)
- Policy Enforcement on Kubernetes with Open Policy Agent
- Gatekeeper and OPA
- Gatekeeper: Flexible, Shareable Policy for Kubernetes
- K8s with OPA Gatekeeper
- Using Policy-as-Code to Manage Security Risk in K8s Before & After Deployment
- How to keep your clusters safe and healthy
Getting Started
Infrastructure-as-Code
CI/CD
Others