kubescape / cel-admission-libraryLinks
This projects contains pre-made policies for Kubernetes Validating Admission Policies. This policy library is based on Kubescape controls, see here a comlete list https://hub.armosec.io/docs/controls
☆63Updated this week
Alternatives and similar repositories for cel-admission-library
Users that are interested in cel-admission-library are comparing it to the libraries listed below
Sorting:
- A pane of glass between you and your Kubernetes clusters.☆45Updated last year
- kubectl plugin for signing Kubernetes manifest YAML files with sigstore☆84Updated last week
- approver-policy is a cert-manager approver that allows users to define policies that restrict what certificates can be requested.☆85Updated this week
- Alternate reports storage in Kubernetes outside etcd☆36Updated this week
- Creates PolicyReports based on the different Trivy Operator CRDs like VulnerabilityReports☆61Updated last week
- Enterprise Distribution for Flux CD☆77Updated this week
- streamline multi arch k8s runtimes☆53Updated 6 months ago
- An admission controller service and kubectl plugin to handle container drift in K8s clusters☆124Updated 3 years ago
- Kubernetes Operator to sync secrets between different secret backends and Kubernetes☆163Updated last week
- A multi-tenancy focused solution, that facilitates collection of telemetry data from Kubernetes workloads transparently.☆47Updated this week
- Tracking Kubernetes Operators out in the wild.☆31Updated 8 months ago
- Lock for K8s☆56Updated last year
- pspmigrator is a tool to migrate from PSP to PSA☆29Updated last year
- 🔮 ✈️ to integrate OPA Gatekeeper's new ExternalData feature with cosign to determine whether the images are valid by verifying their sig…☆78Updated last year
- A kubectl plugin to visualize network policies rules.☆96Updated last year
- Kubernetes network policies☆57Updated last week
- Add digests to container and init container images in Kubernetes pod and pod template specs. Use either as a mutating admission webhook, …☆150Updated 4 months ago
- A flexible and scalable platform for running Kubernetes control plane APIs.☆75Updated this week
- K8s-shredder - an opinionated way of parking in Kubernetes☆82Updated last week
- Watch and print changes in k8s☆95Updated last year
- A standalone exporter for vulnerability reports and other CRs created by Trivy Operator (formerly Starboard).☆63Updated 2 weeks ago
- Recreation of common Pod Security Policy configuration in other common Kubernetes policy engines☆50Updated last week
- Operator for Multi-Cluster Monitoring with Thanos.☆135Updated this week
- A Kubernetes CSI plugin to automatically mount SPIFFE certificates to Pods using ephemeral volumes☆80Updated this week
- Automatically register and generate AWS, GCP & Azure IAM roles, X.509 certificates and username/password pairs for Kubernetes pods using …☆62Updated last month
- Kube State Metrics `CustomResourceState` configurations for Gateway API resources☆23Updated 5 months ago
- [alpha] Controller to override image sources in the event that an image cannot be pulled.☆121Updated last week
- The Helm Charts OCI Proxy, will proxy and transform Helm Chart into OCI images on the fly. Address any Helm Chart as OCI image.☆129Updated 2 months ago
- Beyond RBAC: Implementing Relation-based Access Control for Kubernetes with OpenFGA☆67Updated last year
- In this repository, the development of the gardener extension, which deploys the flux controllers automatically to shoot clusters, takes …☆26Updated 3 months ago