Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/rond-authz/rond

A lightweight container for distributed security policy evaluation
https://github.com/rond-authz/rond

authorization hacktoberfest openpolicyagent rbac security

Last synced: about 2 months ago
JSON representation

A lightweight container for distributed security policy evaluation

Awesome Lists containing this project

README 

        






  Rönd Logo

  Rönd Logo

  



  

[![Build Status][github-actions-svg]][github-actions]

[![Coverage Status][coverall-svg]][coverall-io]

[![Go Report Card][go-report-card-badge]][go-report-card]

[![Go Sec][security-badge-svg]][security-badge]



[![Docs][docs-badge]][docs]



[![Mia-Platform][mia-platform-badge]][mia-platform]



# Rönd



Rönd is a lightweight container that distributes security policy enforcement throughout your application.




Rönd is based on [OpenPolicy Agent](https://www.openpolicyagent.org) and allows you to define security policies to be executed during API invocations. Rönd runs in your Kubernetes cluster as a sidecar container of your Pods.

Rönd intercepts the API traffic, applies your policies and, based on the policy result, forwards the request to your application service or rejects the API invocation.



## Why Rönd?



Find out more [here][why-rond].



## Features



Rönd supports three policy types:



1. Allow or reject request

2. Query generation during the request flow

3. Response body patching



## RBAC capabilities



Rönd natively allows you to build an RBAC solution based on Roles and Bindings saved in MongoDB.



## Who is using Rönd



Here is a list of awesome people using Rönd, if you're using it but do not appear in this list feel free to open a PR!



 * [Cattolica Assicurazioni](https://www.cattolica.it/)

 * [MDConcierge](https://www.mdconcierge.it/)

 * [Mia-Care](https://mia-care.io/)

 * [Mia-Platform](https://mia-platform.eu)

 * [PreviDigital](https://previdigital.com/)



## Local development



For local development you need to have Go installed locally, checkout the [go.mod](./go.mod#L3) file to know the currently used language version.



### Run tests



```sh

make test

```



Please note that in order to run tests you need Docker to be installed; tests need a local instance of MongoDB to be up and running, the `make test` command will take care of it by creating a new `mongodb` container. The container is auomatically removed at the end of tests; if it remains leaked simply run `make clean`.



#### With coverage



To run test with coverage file in output, run



```sh

make coverage

```



### Contributing



Please read [CONTRIBUTING.md](./CONTRIBUTING.md) for further details about the process for submitting pull requests.



[github-actions]: https://github.com/rond-authz/rond/actions/workflows/test.yml

[github-actions-svg]: https://github.com/rond-authz/rond/actions/workflows/test.yml/badge.svg

[coverall-svg]: https://coveralls.io/repos/github/rond-authz/rond/badge.svg

[coverall-io]: https://coveralls.io/github/rond-authz/rond

[security-badge-svg]: https://github.com/rond-authz/rond/actions/workflows/security.yml/badge.svg

[security-badge]: https://github.com/rond-authz/rond/actions/workflows/security.yml

[go-report-card-badge]: https://goreportcard.com/badge/github.com/rond-authz/rond

[go-report-card]: https://goreportcard.com/report/github.com/rond-authz/rond

[mia-platform-badge]: https://img.shields.io/badge/Supported%20by-Mia--Platform-green?style=for-the-badge&link=https://mia-platform.eu/&color=3d86f4&labelColor=214147

[mia-platform]: https://mia-platform.eu/?utm_source=referral&utm_medium=github&utm_campaign=rond

[docs-badge]: https://img.shields.io/badge/-Read%20the%20Docs-green?style=for-the-badge&color=3d86f4&labelColor=214147

[docs]: https://rond-authz.io/?utm_source=referral&utm_medium=github&utm_campaign=rond

[why-rond]: https://github.com/rond-authz#why-r%C3%B6nd