tsandall / minimal-opa-envoy-example
Minimal example showing how to enforce HTTP API access control policies using OPA and Envoy on Kubernetes.
☆9Updated 5 years ago
Alternatives and similar repositories for minimal-opa-envoy-example:
Users that are interested in minimal-opa-envoy-example are comparing it to the libraries listed below
- A Go library for implementing GitOps, used by Ignite☆66Updated last year
- ☆20Updated 3 weeks ago
- The CustomResourceDefinition toolbox.☆25Updated 2 years ago
- A Kubernetes CSI plugin to automatically mount SPIFFE certificates to Pods using ephemeral volumes☆79Updated this week
- Kubernetes Controller for managing Github☆38Updated last year
- Release tooling for KubeBuilder projects.☆19Updated 7 months ago
- ☆27Updated 2 years ago
- ☆20Updated 9 months ago
- A tool to handle the retagging of third party container images☆26Updated this week
- A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.☆62Updated this week
- Operator deploying the Observatorium project☆14Updated 11 months ago
- ☆13Updated last year
- [EXPERIMENTAL] Kubernetes Operator for Image Assurance☆20Updated 4 years ago
- Register Cluster-API clusters with Argo-CD☆26Updated this week
- Secure access to the Kubernetes API using SpiceDB☆29Updated this week
- Manage existing infrastructure with Cluster API using this provider.☆45Updated 2 years ago
- ETCD Admin Controller for EKS Anywhere☆10Updated 2 weeks ago
- Go library for installing and managing Kubernetes clusters☆35Updated 2 weeks ago
- ☆42Updated last year
- Open Source declarative disk configuration system for Kubernetes☆39Updated 2 years ago
- This tool allows using a SPIFFE JWT to authenticate to AWS APIs☆34Updated 11 months ago
- pspmigrator is a tool to migrate from PSP to PSA☆29Updated last year
- A Kubernetes dynamic admission controller that uses WebAssembly policies to validate incoming requests☆25Updated 4 years ago
- Create a dedicated IaaS instance per Pod to mitigate container breakout (including CPU vulnerabilities depending on the instance type)☆22Updated 5 years ago
- experimental cuelang mod tool☆33Updated last year
- An operator for running Pomerium on a Kubernetes cluster.☆27Updated 2 years ago
- A CRD for arbitrary properties about a cluster☆34Updated last month
- Public registry for KRM functions☆19Updated 3 years ago
- Grafana multi tenant operator☆27Updated last month
- Behaviour driven reconciler testing framework.☆30Updated this week