An open-source authorization as a service inspired by Google Zanzibar, designed to build and manage fine-grained and scalable authorization systems for any application.

Generate an IAM policy from AWS, Azure, or Google Cloud (GCP) calls using client-side monitoring (CSM) or embedded proxy

Rapid7 | insightCloudSec | Kubernetes RBAC Power Toys - Visualize, Analyze, Generate & Query

Create a break glass role for emergency use in order to limit AWS production account access. Configure automatic alerts and logging of activities in the role to secure its use in production environments.

🔐 Lightning fast, global scale authorization service without the overhead of a yet another DSL.

Lambda Extension for iamlive

Validate all your Customer IAM Policies against AWS Access Analyzer - Policy Validation

Cloud governance reports from native services in a clear and readable digest

TOTP MFA for teams: Shamir's Secret Sharing and zero trust OTP generation

Catalog and understand risks from granting IAM privileges

command line interface for Permify

This project shows a complete use case with the least privilege principle on Google Cloud using modular Terraform, Terragrunt and Cloud Build

📚 ☁️ For Architects and Engineers ☁️ 📚

gcloud script to provision my GKE cluster, in a secure way

Find AWS IAM permissions used by Go code

A fully managed message processing pipeline built with Go and deployed using Terraform. This project implements a secure Pub/Sub flow that handles errors and notifications efficiently. It leverages GCP's native retry and deadlettering capabilities, adhering to the principle of least privilege.

The GenCyber 10 Security First Principles are a set of fundamental best practices and guidelines for cybersecurity