Aspect
Aspect is a simple rule based engine to ensure that cloud resources meet organisational requirements across multiple clouds and regions at the same time. The same rules based engine is available as a REPL to support arbitary sub-second evaulation of cloud resources.
Read the documentationFeatures
- Comprehensive cloud provider support:
- AWS
- Azure (Coming Soon!)
- Cloud native authentication mechanisms
- Policy declaration language similar to OpenPolicy Agent’s rego See Examples
- Policy suites written in YAML that supports both multiple clouds and regions See Examples
- Interactive policy builder
- Validate policies and policy suites at development time
- Fully interactive CLI for viewing and evaluating cloud resources
Quickstart
The quickest way to get started is to use the prebuilt docker image:
docker run --rm -it im5tu/aspect:latest
From here you have full access to the aspect command line interface. Here are some commands that you may wish to execute:
aspect policy init myfirst.policy- Creates an empty policy for a specified resourceaspect policy list builtin- Lists all of the built in policiesaspect policy validate myfirst.policy- Ensures that the policy is validaspect run myfirst.policy- Runs the policy against your cloud infrastructure reporting its compliance
For a full list of the commands and their available options, visit the CLI Commands Documentation. Please note, you may also need to configure cloud specific credentials. See the instructions for AWS and Azure.
Supported Resources
Roadmap
See the open issues for a list of proposed features (and known issues).
Built With
Here are some of the awesome community projects that make this project possible:
Contributing
Contributions are what make the open source community such an amazing place to be learn, inspire, and create. Any contributions you make are greatly appreciated.
Take a look at our contribution guide for more details.