README
¶
Autenticami
Autenticami is a multi-account Identity and Access Management (IAM or IdAM) solution to enable a modern identity-based project access control for third party projects.
All you have to do is describe your project's resources and create your own access control policies. Resources are organized into hierarchies of Applications and Domains.
Autenticami allows to specify who or what can access resources by the means of fine-grained permissions:
Who: Identities (Users and Roles) that can authenticateCan Access: Permissions to affect resources using actions, those are granted by attaching policiesResources: Resources described into the account
Below is a sample policy document for granting access to the Employee and Timesheet resources of the HR project (hr-app):
{
"Version": "2022-07-21",
"Description": "This policy enable List and Read access to employee and timesheet of the domain people.",
"Type": "ACL",
"Permit": [
{
"Label": "permit-hr/person/reader/any",
"Actions": [
"people:ListEmployee",
"people:ReadEmployee"
],
"Resources": [
"uur:581616507495:default:hr-app:organisation:people/*"
]
},
{
"Label": "permit-hr/timesheet/writer/any",
"Actions": [
"people:ReadTimesheet",
"people:CreateTimesheet",
"people:UpdateTimesheet",
"people:DeleteTimesheet"
],
"Resources": [
"uur:581616507495:default:hr-app:time-management:people/*"
]
}
],
"Forbid": [
{
"Label": "forbid-write-hr/timesheet/writer/bc182146-1598-4fde-99aa-b2d4d08bc1e2",
"Actions": [
"time-management/people:Read"
],
"Resources": [
"uur:581616507495:default:hr-app:time-management:people/bc182146-1598-4fde-99aa-b2d4d08bc1e2"
]
}
]
}
Directories
¶
| Path | Synopsis |
|---|---|
|
cmd
|
|
|
pkg
|
|
|
internal/core
Package core for core functions
|
Package core for core functions |
|
internal/iam/accessmanagement
Package accessmanagement for access management
|
Package accessmanagement for access management |
Click to show internal directories.
Click to hide internal directories.