Search Results for "policy management"
Sort By:
Showing 136 open source projects for "policy management"
View related business solutions-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
Build Securely on AWS with Proven FrameworksMoving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
-
1
Gatekeeper
Policy Controller for Kubernetes
A customizable cloud-native policy controller that helps enforce policies and strengthen governance. Gatekeeper makes managing policies on top of Kubernetes easy. Policies can be enforced at admission time or at runtime via the audit functionality. Gatekeeper is powered by the Open Policy Agent (OPA) project. Using OPA allows you to write policies that are powerful, flexible, and portable. Browse the policy library to find existing policies that fit your use case. Each policy in the library... -
2
Node-Casbin
An authorization library that supports access control models
Node-Casbin is a powerful and efficient open-source access control library for Node.js projects, supporting various access control models like ACL, RBAC, and ABAC. -
3
NetBird
Connect your devices into a secure WireGuard-based overlay network
NetBird is an open-source solution that builds a WireGuard®-based overlay network enabling seamless, encrypted peer-to-peer connectivity without the complexity of firewall rules, port forwarding, or centralized VPN gateways. It integrates access control features such as SSO and MFA for secure, policy-driven networking. Every machine in the network runs NetBird Agent (or Client) that manages WireGuard. Every agent connects to Management Service that holds network state, manages peer IPs, and distributes network updates to agents (peers). NetBird agent uses WebRTC ICE implemented in pion/ice library to discover connection candidates when establishing a peer-to-peer connection between machines. -
4
RustDesk Server PRO
Some scripts for RustDesk Server Pro are hosted here
This project provides the enterprise-grade backend for RustDesk deployments that need centralized management, stronger policy controls, and advanced operational tooling. It encompasses the components required to broker, relay, and supervise connections while adding administrative layers suitable for regulated or large environments. Organizations can standardize how clients authenticate, how sessions are permitted and audited, and how data paths are routed under diverse network constraints. ... -
Go from Code to Production URL in SecondsSkip the Kubernetes configs. Cloud Run handles HTTPS, scaling, and infrastructure automatically. Two million requests free per month.
-
5
mapcn
Beautiful map components, 100% Free, Zero config, one command setup
mapcn is a research-oriented project centered on mapping continuous control in reinforcement learning to structured policies using neural networks. It explores how high-dimensional action spaces can be decomposed into structured primitives that can be learned, composed, and reused across different tasks. The core idea is to enable agents to generalize learned behavior by representing continuous control policies in a compact, interpretable form that preserves smoothness and controllability.... -
6
Kubernetes Capsule
Multi-tenancy and policy-based framework for Kubernetes
Capsule implements a multi-tenant and policy-based environment in your Kubernetes cluster. It is designed as a micro-services-based ecosystem with a minimalist approach, leveraging only on upstream Kubernetes. Kubernetes introduces the Namespace object type to create logical partitions of the cluster as isolated slices. However, implementing advanced multi-tenancy scenarios, it soon becomes complicated because of the flat structure of Kubernetes namespaces and the impossibility to share... -
7
Salt
Automate the management and configuration of infrastructures at scale
Salt Bootstrap is a shell script that detects the target platform and selects the best installation method. (Supported Platforms) Your Salt master can manage itself, so a Salt minion is installed along with the Salt master. Before implementing Salt to manage any data center infrastructure it is important to understand a few things about Salt platform support including: What platforms will the Salt Master run on? What systems and infrastructure can be managed by a Salt Minion? Salt runs on... -
8
Ockam
Orchestrate end-to-end encryption, mutual authentication
Ockam is a suite of open source tools, programming libraries, and managed cloud services to orchestrate end-to-end encryption, mutual authentication, key management, credential management, and authorization policy enforcement – at massive scale. Modern applications are distributed and have an unwieldy number of interconnections that must trustfully exchange data. To build trust for data-in-motion, applications need end-to-end guarantees of data authenticity, integrity, and confidentiality. ... -
9
Descheduler
Descheduler for Kubernetes
Scheduling in Kubernetes is the process of binding pending pods to nodes, and is performed by a component of Kubernetes called kube-scheduler. The scheduler's decisions, whether or where a pod can or can not be scheduled, are guided by its configurable policy which comprises of set of rules, called predicates and priorities. The scheduler's decisions are influenced by its view of a Kubernetes cluster at that point of time when a new pod appears for scheduling. As Kubernetes clusters are very... -
Gemini 3 and 200+ AI Models on One PlatformBuild, govern, and optimize agents and models with Gemini Enterprise Agent Platform.
-
10
Nomulus
Top-level domain name registry service on Google Cloud Platform
Nomulus is a production-grade, open-source domain registry platform used to operate top-level domains (TLDs). It implements the core registry protocols—EPP for registrar interactions, WHOIS/RDAP for public data access—and manages the lifecycle of domain objects, hosts, and contacts. The system is built to scale and to enforce policy: pricing rules, reserved names, premium tiers, grace periods, and automated renewals are modeled explicitly. It integrates with DNS provisioning, data escrow,... -
11
Vault
Tool for secrets management and encryption as a service
Manage secrets and protect sensitive data. Secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets and other sensitive data using a UI, CLI, or HTTP API. The shift from static, on-premise infrastructure to dynamic, multi-provider infrastructure changes the approach to security. Security in static infrastructure relies on dedicated servers, static IP addresses, and a clear network perimeter. Security in dynamic infrastructure is... -
12
Harbor
An open source trusted cloud native registry project that stores
Harbor is an open-source trusted cloud native registry project that stores, signs, and scans content. Harbor extends the open-source Docker Distribution by adding the functionalities usually required by users such as security, identity and management. Having a registry closer to the build-and-run environment can improve the image transfer efficiency. Harbor supports replication of images between registries, and also offers advanced security features such as user management, access control... -
13
NemoClaw
NVIDIA plugin for secure installation of OpenClaw
NVIDIA NemoClaw is an open-source tool designed to simplify the deployment and management of always-on AI assistants using the OpenClaw ecosystem. It installs and configures the NVIDIA OpenShell runtime, which provides a secure environment for running autonomous AI agents. NemoClaw enables users to launch sandboxed agent environments that control network access, file permissions, and inference requests through policy-based security. -
14
Cerbos
Cerbos is the open core, language-agnostic authorization solution
Cerbos is an authorization layer that evolves with your product. It enables you to define powerful, context-aware access control rules for your application resources in simple, intuitive YAML policies; managed and deployed via your Git-ops infrastructure. It provides highly available APIs to make simple requests to evaluate policies and make dynamic access decisions for your application. Decouple authorization management from your core code using the stateless Cerbos solution. Focus on... -
15
Chocolatey
Chocolatey - the package manager for Windows
...Chocolatey packages encapsulate everything required to manage a particular piece of software into one deployment artifact by wrapping installers, executables, zips, and/or scripts into a compiled package file. Package submissions go through a rigorous moderation review process, including automatic virus scanning. The community repository has a strict policy on malicious and pirated software. Many organizations face the ongoing challenge of deploying and supporting various versions of software. Chocolatey allows organizations to automate and simplify the management of their complex Windows environments. Our customers have experienced a massive reduction in effort, improved speed of deployment, high reliability, and comprehensive reporting. ... -
16
Sanoid
These are policy-driven snapshot management and replication tools
Sanoid is a policy-driven snapshot management system for ZFS that automates creation, rotation, and health checks of snapshots across datasets. You describe retention in human terms—hourly, daily, monthly, yearly—via simple templates, and Sanoid enforces those rules consistently without manual cron gymnastics. It sets and respects ZFS properties, places holds to protect in-use snapshots, and surfaces health issues so you notice problems before recovery time. -
17
Professional Services
Common solutions and tools developed by Google Cloud
...Unlike simple sample repositories, it focuses on production-oriented use cases such as data pipelines, machine learning workflows, infrastructure automation, and security management. The repository contains a wide variety of projects, including tools for validating data migrations, generating large datasets for testing, building analytics dashboards, and automating policy enforcement in cloud environments. These solutions are intended to serve as blueprints that organizations can adapt and extend for their own needs rather than turnkey products. ... -
18
pg_partman
Partition management extension for PostgreSQL
pg_partman is a PostgreSQL extension for managing time-based and serial-based table partitioning. It automates the creation, maintenance, and retention of partitions, making it easier to manage large datasets with better performance and query efficiency. Designed for both native and trigger-based partitioning, pg_partman is ideal for applications handling time-series or log data. -
19
Enterprise-Scale
The Azure Landing Zones (Enterprise-Scale) architecture
Enterprise-Scale is a reference architecture and set of landing-zone blueprints for building large, governed Azure estates. It codifies recommended patterns—network topology, identity integration, subscription and resource organization, policy assignment, and guardrails—so enterprises can provision repeatable, secure, and compliant environments for workloads. The project supplies deployable artifacts (Bicep/ARM/Terraform modules, examples, and documentation) to accelerate consistent deployments across regions and teams while embedding best practices for security, cost management, and operations. ... -
20
CyberStrikeAI
CyberStrikeAI is an AI-native security testing platform built in Go
...Through comprehensive lifecycle management, results are tracked, aggregated, and visualized, with support for versioned persistence, search, and risk severity scoring. -
21
Keel
Kubernetes Operator to automate Helm, DaemonSet, StatefulSet, etc
kubectl is the new SSH. If you are using it to update production workloads, you are doing it wrong. See examples on how to automate application updates. A single command, no dependencies. No lock-in, no custom configuration files. Start using it now. Runs as a single container, with no database is required. Policies and trigger types are specified in your application deployment files or Helm charts. Use policies to define when you want your application to be updated. Providers can have... -
22
ContextForge MCP Gateway
A Model Context Protocol (MCP) Gateway & Registry
...The gateway scales horizontally, supports multi-cluster deployments on Kubernetes, and uses Redis for federation and caching across instances. Operators can define virtual servers, wire multiple transports, and optionally enable an admin UI for management and monitoring. Packaged for quick starts via PyPI and Docker, it targets production reliability with health checks, metrics, and structured logs. The project positions itself as an integration hub so agentic apps can “connect once, use many” backends with consistent policy and lifecycle control. -
23
Rancher
Complete container management platform
From datacenter to cloud to edge, Rancher lets you deliver Kubernetes-as-a-Service. Rancher is a complete software stack for teams adopting containers. It addresses the operational and security challenges of managing multiple Kubernetes clusters, while providing DevOps teams with integrated tools for running containerized workloads. From datacenter to cloud to edge, Rancher's open source software lets you run Kubernetes everywhere. You don’t need to figure Kubernetes out all on your own.... -
24
Casibase
Open-source enterprise-level AI knowledge base and MCP
Casibase is an open-source AI cloud platform designed to function as an enterprise knowledge base, container management system, and collaboration environment for AI-driven applications. The project combines knowledge management, messaging, and forum features with large language model integration to create an interactive platform for storing and querying domain-specific knowledge. Built with a separated frontend and backend architecture, Casibase provides a web-based administrative interface... -
25
OpenAdapt
Open Source Generative Process Automation
OpenAdapt is the open source software adapter between Large Multimodal Models (LMMs) and traditional desktop and web Graphical User Interfaces (GUIs). OpenAdapt learns to automate your desktop and web workflows by observing your demonstrations. Spend less time on repetitive tasks and more on work that truly matters. Boost team productivity in HR operations. Automate candidate sourcing using LinkedIn Recruiter, LinkedIn Talent Solutions, GetProspect, Reply.io, outreach.io, Gmail/Outlook, and...
