45 Open source projects that are alternatives of or similar to k8s-security-policies

A set of shared policies for use with Conftest and other Open Policy Agent tools

Oracle Cloud Infrastructure Service Broker is an open source implementation of Open service broker API Spec for OCI services. Customers can use this implementation to install Open Service Broker in Oracle Container Engine for Kubernetes or in other Kubernetes clusters.

Github Action that setup Kubernetes tools (kubectl, kustomize, helm, kubeconform, conftest, yq, rancher, tilt, skaffold) very fast and cache them on the runner. Please [✩Star] if you're using it!

Lightweight library in C# for implementing roles-based access control (RBAC). With Gatekeeper, you can define users, roles, resources, and permissions, and authorize requests.

Open Policy Agent (OPA) plug-in for Kafka authorization

A simple way to evaluate the security of your Kubernetes deployment against sets of best practices defined by various community sources

Simple command line tool to check for compliance against CIS Benchmarks

Call Open Policy Agent (OPA) policies in WASM (Web Assembly) from .NET Core

Ansible role for Ubuntu 2004 CIS Baseline

[WIP] 整理过去的分享，从零开始的Kubernetes攻防 🧐

This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.

CIS Baseline Ansible Role for Ubuntu 18

No description or website provided.

The Audit Test Automation Package gives you the ability to get an overview about the compliance status of several systems. You can easily create HTML-reports and have a transparent overview over compliance and non-compliance of explicit setttings and configurations in comparison to industry standards and hardening guides.

𝗖𝟯 provides compliant AWS CDK components to various security standards.

GKE CIS 1.1.0 Benchmark InSpec Profile

Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation

CIS CentOS Linux 7 Benchmark

Auditing Script based on CIS-BENCHMARK CENTOS 8

CIS for macOS 10.12 remediated with script and configuration profiles

No description or website provided.

The universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent.

Simple macOS GateKeeper script.

Notifies the user when macOS Security components like Gatekeeper and XProtect have been updated

Kubernetes Fury OPA. Policy enforcement for your Kubernetes Cluster

Write tests against structured configuration data using the Open Policy Agent Rego query language

An open source, general-purpose policy engine.

A curated list of OPA related tools, frameworks and articles

This is just a proof-of-concept project that aims to sign and verify container images using cosign and OPA (Open Policy Agent)

Policy and data administration, distribution, and real-time updates on top of Open Policy Agent

Python client for Open Policy Agent

Boilerplate example of managing OPA with kustomize

A GitHub Action for using Conftest

Pre-commit git hooks for Open Policy Agent (OPA) and Rego development

👀 A Kubernetes cluster resource sanitizer

Bulk port forwarding Kubernetes services for local development.

🐶 Kubernetes CLI To Manage Your Clusters In Style!

Faster way to switch between clusters and namespaces in kubectl

Highly extensible platform for developers to better understand the complexity of Kubernetes clusters.

Hunt for security weaknesses in Kubernetes clusters

This sample shows how to use the Application Gateway Ingress Controller in a multi-tenant AKS cluster to expose multiple instances of the same application, one for each tenant.

Kubetools - Curated List of Kubernetes Tools

Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark

Open Source runtime scanner for k8s cluster and perform security audit checks based on CIS Kubernetes Benchmark specification