Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/zeiss/knox

Knox is a simple and secure Terraform backend.
https://github.com/zeiss/knox

go terraform

Last synced: 4 days ago
JSON representation

Knox is a simple and secure Terraform backend.

Host: GitHub
URL: https://github.com/zeiss/knox
Owner: ZEISS
License: apache-2.0
Created: 2024-06-16T18:38:11.000Z (5 months ago)
Default Branch: main
Last Pushed: 2024-09-16T04:21:37.000Z (about 2 months ago)
Last Synced: 2024-09-16T05:37:05.784Z (about 2 months ago)
Topics: go, terraform
Language: Go
Homepage: https://zeiss.github.io/knox/
Size: 32.8 MB
Stars: 1
Watchers: 2
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # 🔨 Knox

[![Test & Build](https://github.com/zeiss/knox/actions/workflows/main.yml/badge.svg)](https://github.com/zeiss/knox/actions/workflows/main.yml)

[![Go Reference](https://pkg.go.dev/badge/github.com/zeiss/knox.svg)](https://pkg.go.dev/github.com/zeiss/knox)

[![Go Report Card](https://goreportcard.com/badge/github.com/zeiss/knox)](https://goreportcard.com/report/github.com/zeiss/knox)

[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)

[![Taylor Swift](https://img.shields.io/badge/secured%20by-taylor%20swift-brightgreen.svg)](https://twitter.com/SwiftOnSecurity)

Knox is a simple and secure Terraform backend.

## Features

- **Simple**: Knox is a simple and secure Terraform backend.

- **Secure**: Knox uses a secure and encrypted storage backend.

- **Fast**: Knox is fast and lightweight.

- **Versioned**: Knox supports versioning of the Terraform state.

Knox has a team-based management of the Terraform state. It is designed to be used in a multi-team environment where each team has its own workspace.

Knox is using [OpenFGA](https://openfga.dev/) as authorization backend.

## Terraform

To use Knox as a Terraform backend, you need to configure the backend in your Terraform configuration file.

The url contains the `team/project/environment` name. The `team` is the team name, the `project` is the project name, and the `environment` is the environment name.

```hcl

terraform {

  backend "http" {

    username       = "super"

    password       = "secret"

    address        = "http://localhost:8084/client/zeiss/demo/dev/state"

    lock_address   = "http://localhost:8084/client/zeiss/demo/dev/lock"

    unlock_address = "http://localhost:8084/client/zeiss/demo/dev/unlock"

    lock_method    = "POST"

    unlock_method  = "POST"

  }

}

```

## Helm Chart

There is a Helm chart available for Knox. You can find it in the [helm/charts](/helm/charts) directory.

:warning: **Please note that the Helm chart is still in development and should not be used in production.**

Knox requires a PostgreSQL database to store the state. [CockroachDB](https://www.cockroachlabs.com/) is recommended for production use.

```bash

helm repo add knox https://zeiss.github.io/knox/helm/charts

helm repo update

helm search repo knox

```

## License

[Apache 2.0](/LICENSE)