hysnsec/awesome-policy-as-code external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

hysnsec/awesome-policy-as-code

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/hysnsec/awesome-policy-as-code)

Close

hysnsec / awesome-policy-as-codeView on GitHubMore

• External links
• Readme badge

A curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.

☆205Dec 6, 2023Updated 2 years ago

Alternatives and similar repositories for awesome-policy-as-code

Users that are interested in awesome-policy-as-code are comparing it to the libraries listed below

• hysnsec / awesome-sca

  View on GitHub
  A curated list of Software Component Analysis (SCA) books, courses - free and paid, videos, tools, and tutorials.
  ☆111Nov 26, 2024Updated last year
• IBM-Cloud / terraform-opa-ibm

  View on GitHub
  An OPA library to develop IT Control policies, for the IBM Cloud
  ☆17Sep 26, 2022Updated 3 years ago
• open-policy-agent / awesome-opa

  View on GitHub
  A curated list of OPA related tools, frameworks and articles
  ☆865Jan 16, 2026Updated last month
• gyrospectre / squyre

  View on GitHub
  Security Alert Decoration
  ☆27Jul 21, 2025Updated 7 months ago
• johanfylling / opa-dependency-manager

  View on GitHub
  OPA Dependency Manager (ODM)
  ☆12Jun 17, 2024Updated last year
• developer-guy / awesome-falco

  View on GitHub
  A curated list of Falco related tools, frameworks, blogs, podcasts, and articles
  ☆202Jul 28, 2021Updated 4 years ago
• threatcl / threatcl

  View on GitHub
  Documenting your Threat Models with HCL
  ☆454Mar 1, 2026Updated last week
• jdyke / gcp-iam-analyzer

  View on GitHub
  Compares and analyzes GCP IAM roles.
  ☆78Mar 9, 2025Updated last year
• anderseknert / kube-review

  View on GitHub
  Create Kubernetes AdmissionReview requests from Kubernetes resource manifests
  ☆159Mar 1, 2026Updated last week
• policy-hub / policy-hub-cli

  View on GitHub
  CLI for searching Rego policies
  ☆105Feb 5, 2022Updated 4 years ago
• xebia / falco-eks-audit-bridge

  View on GitHub
  Enable Falco to read audit logs from EKS
  ☆11Dec 13, 2020Updated 5 years ago
• plexsystems / konstraint

  View on GitHub
  A policy management tool for interacting with Gatekeeper
  ☆391Nov 20, 2025Updated 3 months ago
• aws-samples / infrastructure-assessment-iac-automation

  View on GitHub
  ☆12Oct 17, 2023Updated 2 years ago
• developer-guy / monitor-opa-gatekeeper

  View on GitHub
  🖥️ 👓 Monitor your OPA Gatekeeper via Grafana Dashboard
  ☆14Dec 17, 2020Updated 5 years ago
• tomtom-international / vault-assessment-prometheus-exporter

  View on GitHub
  Provides a prometheus exporter for monitoring aspects secrets stored on a running HashiCorp Vault server
  ☆32Oct 21, 2023Updated 2 years ago
• hysnsec / awesome-threat-modelling

  View on GitHub
  A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for …
  ☆1,719Aug 2, 2024Updated last year
• developer-guy / container-image-sign-and-verify-with-cosign-and-opa

  View on GitHub
  This is just a proof-of-concept project that aims to sign and verify container images using cosign and OPA (Open Policy Agent)
  ☆63Aug 4, 2021Updated 4 years ago
• sangkeon / opaguide_src

  View on GitHub
  ☆20Nov 22, 2023Updated 2 years ago
• aidansteele / s3zipper

  View on GitHub
  A tool that allows downloading S3 directories as ZIP files
  ☆34Apr 28, 2023Updated 2 years ago
• onelittlenightmusic / opactl

  View on GitHub
  A simple tool for converting Rego (OPA) rule into command.
  ☆30Jun 1, 2022Updated 3 years ago
• messypoutine / gravy-overflow

  View on GitHub
  A GitHub Actions Supply Chain CTF / Goat
  ☆26Jan 6, 2026Updated 2 months ago
• kubescape / regolibrary

  View on GitHub
  The regolibrary package contains the controls Kubescape uses for detecting misconfigurations in Kubernetes manifests.
  ☆131Feb 12, 2026Updated 3 weeks ago
• rallyhealth / conftest-policy-packs

  View on GitHub
  Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.
  ☆60Oct 19, 2023Updated 2 years ago
• Legit-Labs / legitify

  View on GitHub
  Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets
  ☆833Mar 28, 2025Updated 11 months ago
• reposaur / reposaur

  View on GitHub
  Open source compliance tool for development platforms.
  ☆285Oct 30, 2023Updated 2 years ago
• zeek / zeek-agent-framework

  View on GitHub
  This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2
  ☆14Oct 12, 2020Updated 5 years ago
• aquasecurity / chain-bench

  View on GitHub
  An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchm…
  ☆769Dec 11, 2024Updated last year
• PaloAltoNetworks / rbac-police

  View on GitHub
  Evaluate the RBAC permissions of Kubernetes identities through policies written in Rego
  ☆350Mar 21, 2025Updated 11 months ago
• fugue / fregot

  View on GitHub
  Fugue Rego Toolkit
  ☆235Jun 30, 2022Updated 3 years ago
• magnologan / awesome-k8s-security

  View on GitHub
  A curated list for Awesome Kubernetes Security resources
  ☆1,993Mar 1, 2026Updated last week
• cr0hn / rsm

  View on GitHub
  Redis Security Map - Anti-hacking for Redis
  ☆31Mar 11, 2022Updated 3 years ago
• google / localtoast

  View on GitHub
  ☆117Feb 11, 2026Updated 3 weeks ago
• OWASP / www-project-kubernetes-top-ten

  View on GitHub
  OWASP Foundation Web Respository
  ☆601Updated this week
• clutchsecurity / federator

  View on GitHub
  Terraform templates for CI/CD to Cloud federation and Cloud2Cloud IAM federations
  ☆67Jan 4, 2026Updated 2 months ago
• aidansteele / centralized-logs

  View on GitHub
  Centralizing AWS CloudWatch log forwarding via EventBridge and Step Functions
  ☆48Feb 12, 2023Updated 3 years ago
• ovotech / cloud-key-rotator

  View on GitHub
  A Golang program to rotate AWS & GCP account keys
  ☆67May 12, 2025Updated 9 months ago
• cmacrae / kove

  View on GitHub
  Watch your in cluster Kubernetes manifests for OPA policy violations and export them as Prometheus metrics
  ☆50Jul 4, 2023Updated 2 years ago
• prancer-io / prancer-compliance-test

  View on GitHub
  This repository includes cloud security policies for IaC and live resources.
  ☆40Nov 26, 2025Updated 3 months ago
• aquasecurity / tfsec-pr-commenter-action

  View on GitHub
  Add comments to pull requests where tfsec checks have failed
  ☆170Sep 20, 2023Updated 2 years ago