Skip to content
/ aspect Public

A simple rule based engine to ensure that cloud resources meet organisational requirements

License

Notifications You must be signed in to change notification settings

Im5tu/aspect

Repository files navigation

Aspect

GitHub license GitHub release GitHub last commit GitHub contributors

Aspect is a simple rule based engine to ensure that cloud resources meet organisational requirements across multiple clouds and regions at the same time. The same rules based engine is available as a REPL to support arbitary sub-second evaulation of cloud resources.

Features

  • Comprehensive cloud provider support:
    • AWS
    • Azure (Coming Soon!)
  • Cloud native authentication mechanisms
  • Policy declaration language similar to OpenPolicy Agent's rego See Examples
  • Policy suites written in YAML that supports both multiple clouds and regions See Examples
  • Interactive policy builder
  • Validate policies and policy suites at development time
  • Fully interactive CLI for viewing and evaluating cloud resources

Quickstart

The quickest way to get started is to use the prebuilt docker image:

docker run --rm -it im5tu/aspect:latest
  • aspect policy list builtin - Lists all of the built in policies
  • aspect policy list view <policy name>.policy - Views the contents of a policy
  • aspect policy init <policy name>.policy - Creates an empty policy for a specified resource
  • aspect policy validate <policy name>.policy - Ensures that the policy is valid
  • aspect run <policy name>.policy - Runs the policy against your cloud infrastructure reporting its compliance

In order to construct a policy, checkout the Policy Syntax documentation to see how to construct a policy document and how to verify resources.

For a full list of the commands and their available options, visit the CLI Commands Documentation. Please note, you may also need to configure cloud specific credentials. See the instructions for AWS and Azure.

Supported Resources

  • AWS
    • Security Groups

Roadmap

See the open issues for a list of proposed features (and known issues).

Built With

Here are some of the awesome community projects that make this project possible:

Contributing

Contributions are what make the open source community such an amazing place to be learn, inspire, and create. Any contributions you make are greatly appreciated.

Take a look at our contribution guide for more details.

About

A simple rule based engine to ensure that cloud resources meet organisational requirements

Topics

Resources

License

Stars

Watchers

Forks

Sponsor this project