policy-as-code

There are 12 repositories under policy-as-code topic.

• opal

  permitio / opal

  Policy and data administration, distribution, and real-time updates on top of Policy Agents (OPA, Cedar, ...)

  authorizationcedarhacktoberfestmicroservicesopaopalopen-policy-agentopenfgapolicypolicy-as-codepubsubrealtimewebsocket
  Language:Python 5385

• octelium / octelium

  A next-gen FOSS self-hosted unified zero trust secure access platform that can operate as a remote access VPN, a ZTNA platform, API/AI/MCP gateway, a PaaS, an ngrok-alternative and a homelab infrastructure.

  abacai-gatewayapi-gatewaybeyondcorphomelabmfapaaspolicy-as-codequicremote-accesssshssovpnwireguardzero-trustztnakubernetestunnelmcp-gatewayopentelemetry
  Language:Go 2576
• fixinventory

  someengineering / fixinventory

  Fix Inventory helps you identify and remove the most critical risks in AWS, GCP, Azure and Kubernetes.

  awsgcpinfrastructure-as-codedigitaloceansecuritysecurity-automationcnappcspmcybersecuritypolicy-as-codesecurity-audit
  Language:Python 2042

• kptdev / kpt

  Automate Kubernetes Configuration Editing

  krmkptconfiguration-managementgitopskuberneteskubectlkustomizecontainersschemaopenapiclideploymentpackaging-toolcustomizationvalidationpolicy-as-codeconfig-as-datashift-left
  Language:Go 1822

• aws-cloudformation / cloudformation-guard

  Guard offers a policy-as-code domain-specific language (DSL) to write rules and validate JSON- and YAML-formatted data such as CloudFormation Templates, K8s configurations, and Terraform JSON plans/configurations against those rules. Take this survey to provide feedback about cfn-guard: https://amazonmr.au1.qualtrics.com/jfe/form/SV_bpyzpfoYGGuuUl0

  policy-as-codecloudformationterraformk8spolicy-rule-evaluationgovernancesecuritycompliancecfn-guard
  Language:Rust 1360
• pacbot

  tmobile / pacbot

  PacBot (Policy as Code Bot)

  cloud-securitysecurityawscontinous-compliancecloud-auditingpolicy-as-codecloudsecurity-automationaws-securityjavaangularjscloud-compliance-reportingcloud-nativespring-boot
  Language:Java 1305

• open-policy-agent / awesome-opa

  A curated list of OPA related tools, frameworks and articles

  opaopen-policy-agentopenpolicyagentopa-libraryawesomeawesome-listsecuritypolicy-as-code
  846
• vet

  safedep / vet

  Protect against malicious open source packages 🤖

  devsecopsgolanghacktoberfestnpmpolicy-as-codepypirubygemssecuritysoftware-composition-analysisstatic-analysissupply-chain-security
  Language:Go 824
• mobility-data-specification

  openmobilityfoundation / mobility-data-specification

  A data specification to enable right-of-way regulation, digital policy, geofencing, and two-way communication between mobility companies and public agencies worldwide.

  mdsscooterscarsharemobility-as-a-servicebike-sharemobilitymobility-datamicromobilitypassenger-servicesdelivery-robotgeofencingright-of-waypolicy-as-codedeliverytaxiopen-sourceautonomous-vehiclesfixed-routerobotaxiscooter-share
  722

• opengovern / opensecurity

  opensecurity: open-source security and compliance. See and secure your cloud, containers, code, networks, deployments, devices. Define your rules, get precise checks, fix gaps fast. Streamlined audits. No fluff.

  auditcloud-securitycompliancecontainer-securitycspmdevsecopsoptimizationosspolicy-as-codesecuritysecurity-auditing-tool
  Language:TypeScript 617

• selefra / selefra

  The open-source policy-as-code software that provides analysis for Multi-Cloud and SaaS environments, you can get insight with natural language (powered by OpenAI).

  gcpazurecspminfrastructure-as-codepolicy-as-codeawscloudgolangkubernetesfinopsdevopsgoogleterraformchatgptopenai
  Language:Go 541
• awesome-azure-policy

  globalbao / awesome-azure-policy

  A curated list of blogs, videos, tutorials, code, tools, scripts, and anything useful to help you learn Azure Policy - by @JesseLoudon

  azureawesome-listawesomeazurepolicyazure-policycloudcontrolsgovernanceguardrailspolicy-as-code
  531
• regal

  open-policy-agent / regal

  Regal is a linter and language server for Rego, bringing your policy development experience to the next level!

  linteropaopen-policy-agentregocode-qualitystatic-analysispolicy-as-codemagnificentlanguage-serverlsp
  Language:Go 345

• mondoohq / cnspec

  An open source, cloud-native security to protect everything from build to runtime

  cloud-nativecompliancedeclarativekubernetesopensourcepolicypolicy-as-codesecuritysecurity-as-code
  Language:Go 323

• noqdev / iambic

  IAMbic is Version-Control for IAM. It centralizes and simplifies cloud access and permissions. It maintains an eventually consistent, human-readable, bi-directional representation of IAM in Git.

  awsiamaws-multi-accountaws-organizationscompliancegoogle-workspaceinfrastructure-as-codeoktapolicy-as-code
  Language:Python 296

• microsoft / regorus

  Regorus - A fast, lightweight Rego (OPA policy language) interpreter written in Rust.

  interpreteroparegorustconfidential-computingpolicy-as-codeccppcsharpgolangjavascriptpythonwasmjavano-std
  Language:Rust 240

• kubewarden / kubewarden-controller

  Manage admission policies in your Kubernetes cluster with ease

  hacktoberfestkuberneteskubernetes-securitypolicy-as-codewebassembly
  Language:Go 217

• open-policy-agent / rego-style-guide

  Style guide for Rego

  regostyle-guidebest-practicesopaopen-policy-agentpolicy-as-codestyra
  203

• hysnsec / awesome-policy-as-code

  A curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.

  awesomeawesome-listpolicy-as-codeappsecdevsecopspractical-devsecops
  197

• stakpak / devx

  A tool for generating, validating & sharing all your configurations, powered by CUE. Works with Kubernetes, Terraform, Compose, GitHub actions and much more...

  cloud-nativedevopsplatform-engineeringinfrastructure-as-codeconfig-as-dataconfiguration-managementgitopsschemashift-leftvalidationpolicy-as-codedevx
  Language:Go 193

• globalbao / azure-policy-as-code

  Bicep and Terraform code examples for policy-as-code workflows. Azure governance guardrails and automation - by @JesseLoudon

  azure-policypolicy-as-codebicepcicdterraformazurermarmtemplatesazurepolicyazuredevopsterraform-azurermazurecustom-policiesdevops
  Language:HCL 183

• permitio / cedar-agent

  Cedar-agent is the easiest way to deploy and run Cedar

  cedaropalopen-policypolicy-as-code
  Language:Rust 176

• anderseknert / kube-review

  Create Kubernetes AdmissionReview requests from Kubernetes resource manifests

  kubernetesk8skube-reviewkubectladmission-webhookadmission-controlleradmission-reviewvalidating-admission-webhookmutating-admission-webhookpolicy-as-codeopen-policy-agentopa
  Language:Go 161

• kubewarden / policy-server

  Webhook server that evaluates WebAssembly policies to validate Kubernetes requests

  rustkuberneteswebassemblypolicykubernetes-webhookkubernetes-securitypolicy-as-codehacktoberfest
  Language:Rust 151
• magtape

  tmobile / magtape

  MagTape Policy-as-Code for Kubernetes

  magtapekubernetespolicyopatmobileadmission-controllerwebhookpolicy-as-codepython
  Language:Python 151

• aipotheosis-labs / gate22

  Open-source MCP gateway and control plane for teams to govern which tools agents can use, what they can do, and how it’s audited—across agentic IDEs like Cursor, or other agents and AI tools.

  agentsaiai-agentscontrol-planegatewayguardrailsllmmcpmcp-toolsoauth2open-sourcepermissionspolicy-as-coderbac
  Language:TypeScript 140

• aws-cloudformation / aws-guard-rules-registry

  Rules Registry for Compliance Frameworks

  awsinfrastructure-as-codepolicy-as-codestatic-application-security-testingcfn-guard
  Language:Python 134

• gjyoung1974 / soc2-policy-templates

  Template SOC2 Policy Authority - documentation pipeline

  compliance-as-codepolicy-as-codecompliancesecuritysecurity-automationsoc2documentation-generatordocumentation-pipelinedocumentation-automation
  Language:HTML 132

• open-policy-agent / vscode-opa

  An extension for VS Code which provides support for OPA and the Rego policy language

  opaopen-policy-agentpolicy-as-coderegovscode-extension
  Language:TypeScript 123

• chef / cookstyle

  A linting tool that helps you to write better Chef Infra cookbooks and InSpec profiles by detecting and automatically correcting style, syntax, and logic mistakes in your code.

  chef-infracookbooklintingrubocopchefhacktoberfestinspecprofilepolicy-as-coderecipescontrols
  Language:Ruby 113

• hexa-org / policy-orchestrator

  Hexa Policy Orchestrator enables you to manage all of your access policies consistently across software providers.

  cloud-nativepolicy-as-codesecurity
  Language:Shell 103

• augur-ai / mantis

  Mantis is a unified infrastructure as code framework that replaces Terraform and Helm

  helm-chartsinfrastructure-as-codekuberneteskubernetes-deploymentopentofupolicy-as-codeterraform
  Language:Go 100

• kubewarden / kwctl

  Go-to CLI tool for Kubewarden users

  hacktoberfestkuberneteskubernetes-securitypolicy-as-codewebassembly
  Language:Rust 86
• intercept

  xfhg / intercept

  INTERCEPT / Policy as Code Auditing & Compliance

  scannerpolicy-as-codepolicy-evaluationpolicy-monitoringpolicy-enginestatic-analysisenforcementauditauditingsecuritypolicysastdevsecopscompliancesecurity-auditsecurity-automationsecurity-toolssecconf
  Language:Go 85

• dod-advana / gamechanger

  GAMECHANGER aspires to be the Department’s trusted solution for evidence-based, data-driven decision-making across the universe of DoD requirements

  defensepolicy-as-codepolicysearch
  Language:Shell 75

• developer-guy / policy-as-code-war

  OPA Gatekeeper vs Kyverno

  kubernetesminikubekyvernoopaopen-policy-agentpolicy-as-code
  66