IAM Least Privilege Policy Generator.

Policy Sentry is an AWS IAM Least Privilege Policy Generator, auditor, and analysis database. It compiles database tables based on the AWS IAM Documentation on Actions, Resources, and Condition Keys and leverages that data to create least-privilege IAM policies.

• Policy Sentry @ GitHub.

Policy-based control for cloud native environments.
Flexible, fine-grained control for administrators across the stack.

Open Policy Agent (OPA) is an open source, general-purpose policy engine that enables unified, context-aware policy enforcement across the entire stack.

• Open Policy Agent @ GitHub.

Kubernetes Native Policy Management.

Kyverno is a policy engine designed for Kubernetes.
It can validate, mutate, and generate configurations using admission controls and background scans.
Kyverno policies are Kubernetes resources and do not require learning a new language.
Kyverno is designed to work nicely with tools you already use like kubectl, kustomize, and Git.

• Kyverno @ GitHub.
• Vos politiques de conformité sur Kubernetes avec Kyverno @ Zwindler's Reflection :fr:.
• Understanding Kyverno: Enhancing Kubernetes Security with Policy Enforcement @ Jyothi Ram's blog.