Rönd is a ligthweight container that allows you to distribute security policy enforcing throughout your application.
Rönd is based on OpenPolicy Agent and allows you to define security policies to be executed during API invocations. Rönd runs in your Kubernetes cluster as a sidecar container of your Pods. Rönd intercepts the API traffic, applies your policies and, based on the policy result, forwards the request to your application service or rejects the API invocation.
Rönd supports three policy types:
- Allow or reject request
- Query generation during the request flow
- Response body patching
Rönd natively allows you to build an RBAC solution based on Roles and Bindings saved in MongoDB.