awesome-repositories.com
المدونة
awesome-repositories.com

اكتشف أفضل مستودعات المصادر المفتوحة باستخدام بحث مدعوم بالذكاء الاصطناعي.

استكشفعمليات بحث منسقةبدائل مفتوحة المصدربرمجيات ذاتية الاستضافةالمدونةخريطة الموقع
المشروعحولكيفية ترتيب النتائجالصحافةخادم MCP
قانونيالخصوصيةالشروط
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

4 مستودعات

Awesome GitHub RepositoriesPolicy-as-Code Definitions

Managing authorization policies and resources as version-controlled code using Terraform, Pulumi, and Helm.

Distinct from Infrastructure as Code: Distinct from Infrastructure as Code: focuses on applying IaC principles specifically to authorization policies and resources.

Explore 4 awesome GitHub repositories matching devops & infrastructure · Policy-as-Code Definitions. Refine with filters or upvote what's useful.

Awesome Policy-as-Code Definitions GitHub Repositories

اعثر على أفضل المستودعات باستخدام الذكاء الاصطناعي.سنبحث عن أفضل المستودعات المطابقة باستخدام الذكاء الاصطناعي.
  • ory/ketoالصورة الرمزية لـ ory

    ory/keto

    5,270عرض على GitHub↗

    Ory Keto is an open-source authorization server that implements Google Zanzibar’s relationship-based access control model. It stores every access relationship as a tuple in a SQL database and exposes a declarative TypeScript-like namespace language for defining object types, relations, and permissions. The service provides bidirectional permission resolution, configurable consistency levels for checks, and dual gRPC and REST APIs for broad integration. Keto extends the Zanzibar model with edge enforcement of access policies, structured compliance auditing of permission decisions, and infrastr

    Manages authorization resources and policies declaratively using Terraform, Pulumi, and Helm configurations.

    Goabacaccess-controlacl
    عرض على GitHub↗5,270
  • openfga/openfgaالصورة الرمزية لـ openfga

    openfga/openfga

    4,793عرض على GitHub↗

    OpenFGA is a fine-grained authorization server and policy decision point that implements relationship-based access control. It serves as a centralized authorization service for evaluating access requests and managing relationship tuples across distributed microservices and multi-tenant environments. The engine combines relationship graphs with attribute-based access control, using the Common Expression Language to evaluate dynamic runtime attributes and conditional access rules. It handles complex hierarchies and nested permissions by traversing chains of associations and parent-child links t

    Implements authorization logic as version-controlled code to enable automated testing and safe deployments via CI/CD pipelines.

    Goabacauthorizationentitlements
    عرض على GitHub↗4,793
  • cerbos/cerbosالصورة الرمزية لـ cerbos

    cerbos/cerbos

    4,460عرض على GitHub↗

    Cerbos is an open-source authorization service that provides a centralized, language-agnostic engine for managing access control. It functions as a policy-as-code platform, allowing teams to define, test, and distribute authorization rules using declarative YAML or JSON configurations. By decoupling access logic from application code, it enables consistent permission enforcement across diverse service stacks. The project distinguishes itself through its ability to translate high-level authorization policies into native database query filters. This capability allows applications to enforce sec

    Manages authorization rules in versioned, human-readable files that support automated testing, validation, and GitOps-based deployment pipelines.

    Goaccess-controlauthorizationgo
    عرض على GitHub↗4,460
  • dnscontrol/dnscontrolالصورة الرمزية لـ DNSControl

    DNSControl/dnscontrol

    3,863عرض على GitHub↗

    DNSControl is an infrastructure-as-code tool designed to manage DNS records and zones across multiple providers through a unified, programmable configuration language. By treating DNS as code, it enables teams to maintain consistent infrastructure state, automate record updates, and perform version-controlled management of network settings across diverse cloud, registrar, and network DNS services. The system functions as a multi-provider orchestrator that uses a declarative reconciliation engine to compare local configurations against live remote states. It employs a provider-agnostic abstrac

    Enables managing DNS zones and records as version-controlled code using a domain-specific language.

    Go
    عرض على GitHub↗3,863
  1. Home
  2. DevOps & Infrastructure
  3. Infrastructure as Code
  4. Policy-as-Code Definitions