awesome-repositories.com
Blog
awesome-repositories.com

Découvrez les meilleurs dépôts open-source grâce à notre recherche par IA.

ExplorerRecherches sélectionnéesAlternatives open sourceLogiciels auto-hébergésBlogPlan du site
ProjetÀ proposNotre méthodologiePresseServeur MCP
Mentions légalesConfidentialitéConditions d'utilisation
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

4 dépôts

Awesome GitHub RepositoriesPolicy-as-Code Definitions

Managing authorization policies and resources as version-controlled code using Terraform, Pulumi, and Helm.

Distinct from Infrastructure as Code: Distinct from Infrastructure as Code: focuses on applying IaC principles specifically to authorization policies and resources.

Explore 4 awesome GitHub repositories matching devops & infrastructure · Policy-as-Code Definitions. Refine with filters or upvote what's useful.

Awesome Policy-as-Code Definitions GitHub Repositories

Trouvez les meilleurs dépôts grâce à l'IA.Nous recherchons les dépôts les plus pertinents grâce à l'IA.
  • ory/ketoAvatar de ory

    ory/keto

    5,270Voir sur GitHub↗

    Ory Keto is an open-source authorization server that implements Google Zanzibar’s relationship-based access control model. It stores every access relationship as a tuple in a SQL database and exposes a declarative TypeScript-like namespace language for defining object types, relations, and permissions. The service provides bidirectional permission resolution, configurable consistency levels for checks, and dual gRPC and REST APIs for broad integration. Keto extends the Zanzibar model with edge enforcement of access policies, structured compliance auditing of permission decisions, and infrastr

    Manages authorization resources and policies declaratively using Terraform, Pulumi, and Helm configurations.

    Goabacaccess-controlacl
    Voir sur GitHub↗5,270
  • openfga/openfgaAvatar de openfga

    openfga/openfga

    4,793Voir sur GitHub↗

    OpenFGA is a fine-grained authorization server and policy decision point that implements relationship-based access control. It serves as a centralized authorization service for evaluating access requests and managing relationship tuples across distributed microservices and multi-tenant environments. The engine combines relationship graphs with attribute-based access control, using the Common Expression Language to evaluate dynamic runtime attributes and conditional access rules. It handles complex hierarchies and nested permissions by traversing chains of associations and parent-child links t

    Implements authorization logic as version-controlled code to enable automated testing and safe deployments via CI/CD pipelines.

    Goabacauthorizationentitlements
    Voir sur GitHub↗4,793
  • cerbos/cerbosAvatar de cerbos

    cerbos/cerbos

    4,460Voir sur GitHub↗

    Cerbos is an open-source authorization service that provides a centralized, language-agnostic engine for managing access control. It functions as a policy-as-code platform, allowing teams to define, test, and distribute authorization rules using declarative YAML or JSON configurations. By decoupling access logic from application code, it enables consistent permission enforcement across diverse service stacks. The project distinguishes itself through its ability to translate high-level authorization policies into native database query filters. This capability allows applications to enforce sec

    Manages authorization rules in versioned, human-readable files that support automated testing, validation, and GitOps-based deployment pipelines.

    Goaccess-controlauthorizationgo
    Voir sur GitHub↗4,460
  • dnscontrol/dnscontrolAvatar de DNSControl

    DNSControl/dnscontrol

    3,863Voir sur GitHub↗

    DNSControl is an infrastructure-as-code tool designed to manage DNS records and zones across multiple providers through a unified, programmable configuration language. By treating DNS as code, it enables teams to maintain consistent infrastructure state, automate record updates, and perform version-controlled management of network settings across diverse cloud, registrar, and network DNS services. The system functions as a multi-provider orchestrator that uses a declarative reconciliation engine to compare local configurations against live remote states. It employs a provider-agnostic abstrac

    Enables managing DNS zones and records as version-controlled code using a domain-specific language.

    Go
    Voir sur GitHub↗3,863
  1. Home
  2. DevOps & Infrastructure
  3. Infrastructure as Code
  4. Policy-as-Code Definitions