GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → authorizer-tech → access-controller

authorizer-tech / access-controller

Licence: Apache-2.0 license
A highly scalable open-source implementation of an access-control engine inspired by Google Zanzibar-"Google’s Consistent, Global Authorization System"

Programming Languages

go
31211 projects - #10 most used programming language

Labels

iamauthorizationaccess-controlauthorizeraccess-managementzanzibar

Projects that are alternatives of or similar to access-controller

Drf Access Policy
Declarative access policies/permissions modeled after AWS' IAM policies.
Stars: ✭ 200 (+227.87%)
Mutual labels:  iam, authorization, access-control
keycloak-restrict-client-auth
A Keycloak authenticator to restrict authorization on clients
Stars: ✭ 34 (-44.26%)
Mutual labels:  authorization, access-control, access-management
lua-casbin
An authorization library that supports access control models like ACL, RBAC, ABAC in Lua (OpenResty)
Stars: ✭ 43 (-29.51%)
Mutual labels:  authorization, access-control
dart-casbin
An authorization library that supports access control models like ACL, RBAC, ABAC in Dart/Flutter
Stars: ✭ 30 (-50.82%)
Mutual labels:  authorization, access-control
mod authnz jwt
An authentication module for Apache httpd using JSON Web Tokens
Stars: ✭ 74 (+21.31%)
Mutual labels:  iam, authorization
nova-permissions
Add Permissions based authorization for your Nova installation via User-based Roles and Permissions. Roles are defined in the database whereas Permissions are defined in the code base.
Stars: ✭ 115 (+88.52%)
Mutual labels:  authorization, access-control
rbac-tool
Rapid7 | insightCloudSec | Kubernetes RBAC Power Toys - Visualize, Analyze, Generate & Query
Stars: ✭ 546 (+795.08%)
Mutual labels:  authorization, access-control
objection-authorize
isomorphic, "magical" authorization integration with Objection.js 🎉
Stars: ✭ 71 (+16.39%)
Mutual labels:  authorization, access-control
server
AuthzForce Server (Community Edition)
Stars: ✭ 48 (-21.31%)
Mutual labels:  authorization, access-control
speedle-plus
Speedle+ is an open source project for access management. It is based on Speedle open source project and maintained by previous Speedle maintainers.
Stars: ✭ 45 (-26.23%)
Mutual labels:  authorization, access-control
riam
AWS IAM inspired policy engine in Rust
Stars: ✭ 19 (-68.85%)
Mutual labels:  iam, authorization
ficam-playbooks
The Federal Identity Credentials and Access Management program publishes guides and playbooks to help U.S. federal executive agencies implement, maintain, and modernize identity management systems.
Stars: ✭ 30 (-50.82%)
Mutual labels:  authorization, access-control
spicedb
Open Source, Google Zanzibar-inspired fine-grained permissions database
Stars: ✭ 3,358 (+5404.92%)
Mutual labels:  authorization, zanzibar
caddy-security
🔐 Authentication, Authorization, and Accounting (AAA) App and Plugin for Caddy v2. 💎 Implements Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0 (Github, Google, Facebook, Okta, etc.), SAML Authentication. MFA/2FA with App Authenticators and Yubico. 💎 Authorization with JWT/PASETO tokens. 🔐
Stars: ✭ 696 (+1040.98%)
Mutual labels:  authorization, access-control
role-based-access-control
Role-based authorization || Role-based access-control in React.js
Stars: ✭ 111 (+81.97%)
Mutual labels:  authorization, access-control
SpringSecurityInEasySteps
Learn Spring Security step by step
Stars: ✭ 13 (-78.69%)
Mutual labels:  authorization, access-control
iam
企业级的 Go 语言实战项目:认证和授权系统
Stars: ✭ 1,900 (+3014.75%)
Mutual labels:  iam, authorization
Keycloak Clojure
A Clojure library helping the integration of Keycloak with a Clojure Application + a sample SPA Client and API Server demonstrating the Keycloak integration
Stars: ✭ 81 (+32.79%)
Mutual labels:  iam, authorization
Awesome Iam
👤 Identity and Access Management Knowledge for Cloud Platforms
Stars: ✭ 186 (+204.92%)
Mutual labels:  iam, authorization
privx-on-aws
PrivX - Just-in-time Access Management
Stars: ✭ 18 (-70.49%)
Mutual labels:  iam, access-control
View All Similar Projects ➔

access-controller

Latest Release Go Report Card Slack

An implementation of a distributed access-control server that is based on Google Zanzibar - "Google's Consistent, Global Authorization System".

An instance of an access-controller is similar to the aclserver implementation called out in the paper. A cluster of access-controllers implement the functional equivalent of the Zanzibar aclserver cluster.

Getting Started

If you want to setup an instance of the Authorizer platform as a whole, browse the API References, or just brush up on the concepts and design of the platform, take a look at the official platform documentation. If you're only interested in running the access-controller then continue on.

Setup a Cluster

An access-controller server supports single node or multi-node (clustered) topologies. Instructions for running the server with these topologies are outlined below.

To gain the benefits of the distributed query model that the access-controller implements, it is recommend to run a large cluster. Doing so will help distribute query load across more nodes within the cluster. The underlying cluster membership list is based on Hashicorp's memberlist

a library that manages cluster membership and member failure detection using a gossip based protocol.

A cluster should be able to suport hundreds of nodes. If you find otherwise, please submit an issue.

Docker Compose

docker-compose.yml provides an example of how to setup a multi-node cluster using Docker and is a great way to get started quickly.

$ docker compose -f docker/docker-compose.yml up

Kubernetes (Recommended)

Take a look at our official Helm chart.

Pre-compiled Binaries

Download the latest release and extract it.

Pre-requisites

To run an access-controller you must have a running CockroachDB database. Take a look at setting up CockroachDB with Docker.

Single Node

$ ./bin/access-controller

Multi-node

Start a multi-node cluster by starting multiple independent servers and use the -join flag to join the node to an existing cluster.

$ ./bin/access-controller -node-port 7946 -grpc-port 50052
$ ./bin/access-controller -node-port 7947 -grpc-port 50053 -join 127.0.0.1:7946
$ ./bin/access-controller -node-port 7948 -grpc-port 50054 -join 127.0.0.1:7947

Next Steps...

Take a look at the examples of how to:

Don't hesitate to browse the official Documentation, API Reference and Examples.

Community

The access-controller is an open-source project and we value and welcome new contributors and members of the community. Here are ways to get in touch with the community:

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].