iam-to-casbin-translator - Translate AWS IAM policy to Casbin policy

  •        114

Translate AWS IAM policy to Casbin policy

https://github.com/casbin/casbin
https://github.com/casbin/iam-to-casbin-translator

Tags
Implementation
License
Platform

   




Related Projects

Casbin - An authorization library that supports access control models like ACL, RBAC, ABAC

  •    Go

Casbin is an authorization library that supports access control models like ACL, RBAC, ABAC. In Casbin, an access control model is abstracted into a CONF file based on the PERM metamodel (Policy, Effect, Request, Matchers). So switching or upgrading the authorization mechanism for a project is just as simple as modifying a configuration.

casbin-rs - An authorization library that supports access control models like ACL, RBAC, ABAC in Rust

  •    Rust

Casbin-RS is a powerful and efficient open-source access control library for Rust projects. It provides support for enforcing authorization based on various access control models. In casbin-rs, an access control model is abstracted into a CONF file based on the PERM metamodel (Policy, Effect, Request, Matchers). So switching or upgrading the authorization mechanism for a project is just as simple as modifying a configuration. You can customize your own access control model by combining the available models. For example, you can get RBAC roles and ABAC attributes together inside one model and share one set of policy rules.

Casbin

  •    CSharp

Casbin.NET is a powerful and efficient open-source access control library for .NET (C#) projects. It provides support for enforcing authorization based on various access control models. In Casbin, an access control model is abstracted into a CONF file based on the PERM metamodel (Policy, Effect, Request, Matchers). So switching or upgrading the authorization mechanism for a project is just as simple as modifying a configuration. You can customize your own access control model by combining the available models. For example, you can get RBAC roles and ABAC attributes together inside one model and share one set of policy rules.

xorm-adapter - Xorm adapter for Casbin

  •    Go

Xorm Adapter is the Xorm adapter for Casbin. With this library, Casbin can load policy from Xorm supported database or save policy to it. This project is under Apache 2.0 License. See the LICENSE file for the full license text.

authz - gin-authz is an authorization middleware for Gin

  •    Go

Authz is an authorization middleware for Gin, it's based on https://github.com/casbin/casbin. For how to write authorization policy and other details, please refer to the Casbin's documentation.


aws-iam-authenticator - A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster

  •    Go

A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster. The initial work on this tool was driven by Heptio. The project recieves contributions from multiple community engineers and is currently maintained by Heptio and Amazon EKS OSS Engineers. If you are an administrator running a Kubernetes cluster on AWS, you already need to manage AWS IAM credentials to provision and update the cluster. By using AWS IAM Authenticator for Kubernetes, you avoid having to manage a separate credential for Kubernetes access. AWS IAM also provides a number of nice properties such as an out of band audit trail (via CloudTrail) and 2FA/MFA enforcement.

casbin-forum - Next-generation forum software based on React + Golang, QQ group: 555019739

  •    Javascript

Casbin-forum is the official forum for Casbin developers and users. Casbin-forum uses XORM to connect to DB, so all DBs supported by XORM can also be used.

aws-serverless-auth-reference-app - Serverless reference app and backend API, showcasing authentication and authorization patterns using Amazon Cognito, Amazon API Gateway, AWS Lambda, and AWS IAM

  •    TypeScript

SpaceFinder is a reference mobile app that allows users to book conference rooms, work desks, and other shared resources. The app showcases serverless authentication and authorization using the AWS platform.The mobile front-end is built using the Ionic 3 framework and client libraries to call AWS services and mobile backend APIs. The backend APIs themselves are powered by AWS services. The backend APIs are built using a serverless architecture, which makes it easy to deploy updates, and it also means that there are no servers to operationally manage.

AirIAM - Least privilege AWS IAM Terraformer

  •    Python

AirIAM is an AWS IAM to least privilege Terraform execution framework. It compiles AWS IAM usage and leverages that data to create a least-privilege IAM Terraform that replaces the exiting IAM management method. AirIAM was created to promote immutable and version-controlled IAM management to replace today's manual and error prone methods.

awacs - Python library for AWS Access Policy Language creation

  •    Python

The awacs library allows for easier creation of AWS Access Policy Language JSON by writing Python code to describe the AWS policies. To facilitate catching policy format or JSON errors early the library has property and type checking built into the classes. NOTE: The old awacs.aws.Policy object is going to be deprecated in the future, in preference for the awacs.aws.PolicyDocument class. This is due to confusion that arises between the old object and troposphere.iam.Policy objects.

policy_sentry - IAM Least Privilege Policy Generator

  •    Python

IAM Least Privilege Policy Generator. For walkthroughs and full documentation, please visit the project on ReadTheDocs.

ladon - A SDK for access control policies: authorization for the microservice and IoT age

  •    Go

Ladon is the serpent dragon protecting your resources.Ladon is a library written in Go for access control policies, similar to Role Based Access Control or Access Control Lists. In contrast to ACL and RBAC you get fine-grained access control with the ability to answer questions in complex environments such as multi-tenant or distributed applications and large organizations. Ladon is inspired by AWS IAM Policies.

kappa - What precedes Lambda

  •    Python

Kappa is a command line tool that (hopefully) makes it easier to deploy, update, and test functions for AWS Lambda. Kappa tries to help you with some of this. It creates all IAM policies for you based on the resources you have told it you need to access. It creates the IAM execution role for you and associates the policy with it. Kappa will zip up the function and any dependencies and upload them to AWS Lambda. It also sends test data to the uploaded function and finds the related CloudWatch log stream and displays the log events. Finally, it will add the event source to turn your function on.

kube2iam - kube2iam provides different AWS IAM roles for pods running on Kubernetes

  •    Go

Provide IAM credentials to containers running inside a kubernetes cluster based on annotations.Traditionally in AWS, service level isolation is done using IAM roles. IAM roles are attributed through instance profiles and are accessible by services through the transparent usage by the aws-sdk of the ec2 metadata API. When using the aws-sdk, a call is made to the ec2 metadata API which provides temporary credentials that are then used to make calls to the AWS service.

consoleme - A Central Control Plane for AWS Permissions and Access

  •    Python

Check out our quick start guide, documentation, feature videos, ReInvent Talk, and Blog Post. ConsoleMe is a web service that makes AWS IAM permissions and credential management easier for end-users and cloud administrators.

casnode - Next-generation forum software based on React + Golang, QQ group: 555019739, online demo: https://forum

  •    Javascript

Casnode is the official forum for Casbin developers and users. Casnode uses Casdoor to manage members. So you need to create an organization and an application for Casnode in a Casdoor instance.

aws-vault - A vault for securely storing and accessing AWS credentials in development environments

  •    Go

Securely store and access credentials for AWS. AWS Vault stores IAM credentials in your operating systems secure keystore and then generates temporary credentials from those to expose to your shell and applications. It's designed to be complementary to the aws cli tools, and is aware of your profiles and configuration in ~/.aws/config. Check out the announcement blog post for more details.

security_monkey - Security Monkey

  •    Python

Security Monkey monitors your AWS and GCP accounts for policy changes and alerts on insecure configurations. It provides a single UI to browse and search through all of your accounts, regions, and cloud services. The monkey remembers previous states and can show you exactly what changed, and when.Security Monkey can be extended with custom account types, custom watchers, custom auditors, and custom alerters.

cloudsplaining - Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report

  •    Javascript

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report. For full documentation, please visit the project on ReadTheDocs.

Pomerium - Identity-aware access proxy

  •    Go

Pomerium is an identity-aware proxy that enables secure access to internal applications. Pomerium provides a standardized interface to add access control to applications regardless of whether the application itself has authorization or authentication baked-in. Pomerium gateways both internal and external requests, and can be used in situations where you'd typically reach for a VPN.






We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.