A lightweight container for distributed security policy evaluation
Rönd is an open source authorization mechanism that defines the concepts of Roles, Permissions, and User Groups as building blocks.These building blocks allow you to create your security model leveraging both an Attribute-Based Access Control (ABAC) and a Role-Based Access Control (RBAC) approach. The system will be a true mirror of your organization and it will reflect the actual role people have and the specific actions they may perform.
Rönd acts like a true shield that enables you to improve data security and API while providing full independence and 360‑degree permission governance.
With Rönd you wear an armor made with the best technologies on the market. Built on top of Open Policy Agent, it leverages the Rego language to let you write policies to be applied to APIs calls.
It relies on the Sidecar Container Pattern to avoid any single point of failure; this means that each pod has an extra container in charge of implementing the authorization controls. The sidecar container intercepts all the incoming requests and proxies them to the actual microservice only if authorization checks are successfully passed.
Rönd simplifies security management with centralized policies executed in a distributed system. Forget endless controls embedded in your codebase, and focus only on the authorization rules.
From “Karls” to “Jarls” of the solution. Make your first step as a Karl (ordinary person), fight with Rönd as a warrior and rise as a Jarl (Master) of your authorization model!