Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/quicsec/quicsec
HTTP/3-enable existing HTTP apps. Leverage HTTP3 native features and auto-enable workload identity (SPIFFE), AuthN (mTLS/x509, OIDC/Auth0-Okta), AuthZ (OPA), defense-in-depth (WAAP/WAF), and observability (metrics, logs, alerting, dashboard).
https://github.com/quicsec/quicsec
auth0 authentication cert-manager cloud-native grafana http http3 kubernetes loki metrics mtls oidc okta open-policy-agent prometheus quic security spiffe waf zero-trust
Last synced: 23 days ago
JSON representation
HTTP/3-enable existing HTTP apps. Leverage HTTP3 native features and auto-enable workload identity (SPIFFE), AuthN (mTLS/x509, OIDC/Auth0-Okta), AuthZ (OPA), defense-in-depth (WAAP/WAF), and observability (metrics, logs, alerting, dashboard).
- Host: GitHub
- URL: https://github.com/quicsec/quicsec
- Owner: quicsec
- License: apache-2.0
- Created: 2022-09-08T16:06:14.000Z (about 2 years ago)
- Default Branch: main
- Last Pushed: 2024-03-20T19:59:39.000Z (8 months ago)
- Last Synced: 2024-10-01T02:23:37.953Z (about 1 month ago)
- Topics: auth0, authentication, cert-manager, cloud-native, grafana, http, http3, kubernetes, loki, metrics, mtls, oidc, okta, open-policy-agent, prometheus, quic, security, spiffe, waf, zero-trust
- Language: Go
- Homepage: https://quicsec.io/
- Size: 753 KB
- Stars: 69
- Watchers: 4
- Forks: 2
- Open Issues: 12
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING_CODE.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
- Security: docs/security/security-jwt.md
- Governance: GOVERNANCE.md
Awesome Lists containing this project
README
# QuicSec
## Why
QuicSec middleware streamlines application migration to HTTP/3 and automates the injection of plugins for identity/certificate management and rotation, authentication/authorization and observability. The current QuicSec [Feature List](docs/Features.md) lists the current supported capabilities.
## Overview
Upgrading your application to HTTP/3 can be done in 3 steps
1. Build: Import QuicSec HTTP library
2. Run with automated identity & security policies & observability & connection management## Detailed How To
1. Build
Update your HTTP call with QuicSec Middleware [Detailed guide](https://quicsec.io/docs/porting)
![Update HTTP Service](https://quicsec.io/images/desktop/quicsec-listen-and-serve.png)
2. Run
Enable identity, security and observability plugins dynamically at runtime.
* Enable pluggable workload identity solution (E.g., [cert-manager-csi-spiffe](https://github.com/quicsec/quicsec/blob/main/examples/bookstore/CERT-MANAGER.md))
* (Optional) Enable pluggable external security/policy engines and WAFs or use built-in [policy configuration](https://quicsec.io/docs/use-cases/mtls)
* (Optional) Integrate with runtime observability platforms for log aggregation, telemetry, dashboards or use built-in [observability platform example](https://quicsec.io/docs/use-cases/observability)## Sample App: Adding QuicSec to BookStore
### Running Applications with QuicSec
The [Bookstore Example](https://quicsec.io/docs/example-bookstore) illustrates how a set of microservices can be migrated with a one-line change to add HTTP/3 support, and in the process gain automatic identity management (certificate injection and rotation), security (mTLS with AuthN/Z) and observability (metrics, logs, performance analysis).
In addition, application access over HTTP/3 improves latency by up to a third vs using previous versions of HTTP.