Search Results for "policy management"
Sort By:
Showing 90 open source projects for "policy management"
View related business solutions-
Earn up to 16% annual interest with Nexo.Put idle assets to work with competitive interest rates, borrow without selling, and trade with precision. All in one platform. Geographic restrictions, eligibility, and terms apply.
-
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
1
Gatekeeper
Policy Controller for Kubernetes
A customizable cloud-native policy controller that helps enforce policies and strengthen governance. Gatekeeper makes managing policies on top of Kubernetes easy. Policies can be enforced at admission time or at runtime via the audit functionality. Gatekeeper is powered by the Open Policy Agent (OPA) project. Using OPA allows you to write policies that are powerful, flexible, and portable. Browse the policy library to find existing policies that fit your use case. Each policy in the library... -
2
Node-Casbin
An authorization library that supports access control models
Node-Casbin is a powerful and efficient open-source access control library for Node.js projects, supporting various access control models like ACL, RBAC, and ABAC. -
3
NetBird
Connect your devices into a secure WireGuard-based overlay network
NetBird is an open-source solution that builds a WireGuard®-based overlay network enabling seamless, encrypted peer-to-peer connectivity without the complexity of firewall rules, port forwarding, or centralized VPN gateways. It integrates access control features such as SSO and MFA for secure, policy-driven networking. Every machine in the network runs NetBird Agent (or Client) that manages WireGuard. Every agent connects to Management Service that holds network state, manages peer IPs, and distributes network updates to agents (peers). NetBird agent uses WebRTC ICE implemented in pion/ice library to discover connection candidates when establishing a peer-to-peer connection between machines. -
4
RustDesk Server PRO
Some scripts for RustDesk Server Pro are hosted here
This project provides the enterprise-grade backend for RustDesk deployments that need centralized management, stronger policy controls, and advanced operational tooling. It encompasses the components required to broker, relay, and supervise connections while adding administrative layers suitable for regulated or large environments. Organizations can standardize how clients authenticate, how sessions are permitted and audited, and how data paths are routed under diverse network constraints. ... -
Auth0 B2B Essentials: SSO, MFA, and RBAC Built InAuth0's B2B Essentials plan gives you everything you need to ship secure multi-tenant apps. Unlimited orgs, enterprise SSO, RBAC, audit log streaming, and higher auth and API limits included. Add on M2M tokens, enterprise MFA, or additional SSO connections as you scale.
-
5
mapcn
Beautiful map components, 100% Free, Zero config, one command setup
mapcn is a research-oriented project centered on mapping continuous control in reinforcement learning to structured policies using neural networks. It explores how high-dimensional action spaces can be decomposed into structured primitives that can be learned, composed, and reused across different tasks. The core idea is to enable agents to generalize learned behavior by representing continuous control policies in a compact, interpretable form that preserves smoothness and controllability.... -
6
Kubernetes Capsule
Multi-tenancy and policy-based framework for Kubernetes
Capsule implements a multi-tenant and policy-based environment in your Kubernetes cluster. It is designed as a micro-services-based ecosystem with a minimalist approach, leveraging only on upstream Kubernetes. Kubernetes introduces the Namespace object type to create logical partitions of the cluster as isolated slices. However, implementing advanced multi-tenancy scenarios, it soon becomes complicated because of the flat structure of Kubernetes namespaces and the impossibility to share... -
7
Salt
Automate the management and configuration of infrastructures at scale
Salt Bootstrap is a shell script that detects the target platform and selects the best installation method. (Supported Platforms) Your Salt master can manage itself, so a Salt minion is installed along with the Salt master. Before implementing Salt to manage any data center infrastructure it is important to understand a few things about Salt platform support including: What platforms will the Salt Master run on? What systems and infrastructure can be managed by a Salt Minion? Salt runs on... -
8
Nomulus
Top-level domain name registry service on Google Cloud Platform
Nomulus is a production-grade, open-source domain registry platform used to operate top-level domains (TLDs). It implements the core registry protocols—EPP for registrar interactions, WHOIS/RDAP for public data access—and manages the lifecycle of domain objects, hosts, and contacts. The system is built to scale and to enforce policy: pricing rules, reserved names, premium tiers, grace periods, and automated renewals are modeled explicitly. It integrates with DNS provisioning, data escrow,... -
9
Descheduler
Descheduler for Kubernetes
Scheduling in Kubernetes is the process of binding pending pods to nodes, and is performed by a component of Kubernetes called kube-scheduler. The scheduler's decisions, whether or where a pod can or can not be scheduled, are guided by its configurable policy which comprises of set of rules, called predicates and priorities. The scheduler's decisions are influenced by its view of a Kubernetes cluster at that point of time when a new pod appears for scheduling. As Kubernetes clusters are very... -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
10
Harbor
An open source trusted cloud native registry project that stores
Harbor is an open-source trusted cloud native registry project that stores, signs, and scans content. Harbor extends the open-source Docker Distribution by adding the functionalities usually required by users such as security, identity and management. Having a registry closer to the build-and-run environment can improve the image transfer efficiency. Harbor supports replication of images between registries, and also offers advanced security features such as user management, access control... -
11
NemoClaw
NVIDIA plugin for secure installation of OpenClaw
NVIDIA NemoClaw is an open-source tool designed to simplify the deployment and management of always-on AI assistants using the OpenClaw ecosystem. It installs and configures the NVIDIA OpenShell runtime, which provides a secure environment for running autonomous AI agents. NemoClaw enables users to launch sandboxed agent environments that control network access, file permissions, and inference requests through policy-based security. -
12
Cerbos
Cerbos is the open core, language-agnostic authorization solution
Cerbos is an authorization layer that evolves with your product. It enables you to define powerful, context-aware access control rules for your application resources in simple, intuitive YAML policies; managed and deployed via your Git-ops infrastructure. It provides highly available APIs to make simple requests to evaluate policies and make dynamic access decisions for your application. Decouple authorization management from your core code using the stateless Cerbos solution. Focus on... -
13
Chocolatey
Chocolatey - the package manager for Windows
...Chocolatey packages encapsulate everything required to manage a particular piece of software into one deployment artifact by wrapping installers, executables, zips, and/or scripts into a compiled package file. Package submissions go through a rigorous moderation review process, including automatic virus scanning. The community repository has a strict policy on malicious and pirated software. Many organizations face the ongoing challenge of deploying and supporting various versions of software. Chocolatey allows organizations to automate and simplify the management of their complex Windows environments. Our customers have experienced a massive reduction in effort, improved speed of deployment, high reliability, and comprehensive reporting. ... -
14
Professional Services
Common solutions and tools developed by Google Cloud
...Unlike simple sample repositories, it focuses on production-oriented use cases such as data pipelines, machine learning workflows, infrastructure automation, and security management. The repository contains a wide variety of projects, including tools for validating data migrations, generating large datasets for testing, building analytics dashboards, and automating policy enforcement in cloud environments. These solutions are intended to serve as blueprints that organizations can adapt and extend for their own needs rather than turnkey products. ... -
15
Enterprise-Scale
The Azure Landing Zones (Enterprise-Scale) architecture
Enterprise-Scale is a reference architecture and set of landing-zone blueprints for building large, governed Azure estates. It codifies recommended patterns—network topology, identity integration, subscription and resource organization, policy assignment, and guardrails—so enterprises can provision repeatable, secure, and compliant environments for workloads. The project supplies deployable artifacts (Bicep/ARM/Terraform modules, examples, and documentation) to accelerate consistent deployments across regions and teams while embedding best practices for security, cost management, and operations. ... -
16
Keel
Kubernetes Operator to automate Helm, DaemonSet, StatefulSet, etc
kubectl is the new SSH. If you are using it to update production workloads, you are doing it wrong. See examples on how to automate application updates. A single command, no dependencies. No lock-in, no custom configuration files. Start using it now. Runs as a single container, with no database is required. Policies and trigger types are specified in your application deployment files or Helm charts. Use policies to define when you want your application to be updated. Providers can have... -
17
CyberStrikeAI
CyberStrikeAI is an AI-native security testing platform built in Go
...Through comprehensive lifecycle management, results are tracked, aggregated, and visualized, with support for versioned persistence, search, and risk severity scoring. -
18
OpenAdapt
Open Source Generative Process Automation
OpenAdapt is the open source software adapter between Large Multimodal Models (LMMs) and traditional desktop and web Graphical User Interfaces (GUIs). OpenAdapt learns to automate your desktop and web workflows by observing your demonstrations. Spend less time on repetitive tasks and more on work that truly matters. Boost team productivity in HR operations. Automate candidate sourcing using LinkedIn Recruiter, LinkedIn Talent Solutions, GetProspect, Reply.io, outreach.io, Gmail/Outlook, and... -
19
ContextForge MCP Gateway
A Model Context Protocol (MCP) Gateway & Registry
...The gateway scales horizontally, supports multi-cluster deployments on Kubernetes, and uses Redis for federation and caching across instances. Operators can define virtual servers, wire multiple transports, and optionally enable an admin UI for management and monitoring. Packaged for quick starts via PyPI and Docker, it targets production reliability with health checks, metrics, and structured logs. The project positions itself as an integration hub so agentic apps can “connect once, use many” backends with consistent policy and lifecycle control. -
20
CRI-O
Open Container Initiative-based implementation of Kubernetes Container
CRI-O follows the Kubernetes release cycles with respect to its minor versions (1. x.y). Patch releases (1.x.z) for Kubernetes are not in sync with those from CRI-O, because they are scheduled for each month, whereas CRI-O provides them only if necessary. If a Kubernetes release goes End of Life, then the corresponding CRI-O version can be considered in the same way. This means that CRI-O also follows the Kubernetes n-2 release version skew policy when it comes to feature graduation,... -
21
Envoy AI Gateway
Manages Unified Access to Generative AI Services
Envoy AI Gateway is an open-source gateway system designed to manage network traffic between applications and generative AI services using the Envoy proxy ecosystem. The project extends Envoy Gateway to support AI-specific workloads, enabling organizations to route, secure, and scale requests to large language models and other generative AI services. In a typical deployment, the architecture uses a two-tier gateway model where an outer gateway handles authentication, routing, and global rate... -
22
Casibase
Open-source enterprise-level AI knowledge base and MCP
Casibase is an open-source AI cloud platform designed to function as an enterprise knowledge base, container management system, and collaboration environment for AI-driven applications. The project combines knowledge management, messaging, and forum features with large language model integration to create an interactive platform for storing and querying domain-specific knowledge. Built with a separated frontend and backend architecture, Casibase provides a web-based administrative interface... -
23
ClashN
A clash client for Windows, support Mihomo
clashN is a Windows desktop client for the Clash networking engine, providing a graphical interface to manage proxies, rules, and profiles. It wraps the Clash core in a familiar, configurable UI so users can import subscriptions, switch nodes, and observe connections without editing YAML by hand. The app emphasizes rule-based routing, letting you combine rule providers and policy groups to steer traffic by domain, process, or destination category. System-wide proxy control, including PAC and... -
24
CloudQuery
The open-source cloud asset inventory powered by SQL
CloudQuery extracts, transforms and loads your cloud assets into normalized PostgreSQL tables. CloudQuery enables you to assess, audit, and monitor the configurations of your cloud assets. Use standard SQL to find any asset based on any configuration or relation to other assets. Connect CloudQuery standard PostgreSQL database to your favorite BI/Visualization tool such as Grafana, QuickSight, etc. Codify your security & compliance rules with SQL as the query engine. Integrate CloudQuery with... -
25
electricityMap
A real-time visualisation of the CO2 emissions of electricity
Real-time visualization of the Greenhouse Gas (in terms of CO2 equivalent) footprint of electricity consumption built with d3.js and mapbox GL. Real-time data is defined as a data source with an hourly (or better) frequency, delayed by less than 2hrs. It should provide a breakdown by generation type. Often fossil fuel generation (coal/gas/oil) is combined under a single heading like 'thermal' or 'conventional', this is not a problem. Citizens should not be responsible for the emissions...
