Skip to content

defenseunicorns/lula

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

370 Commits
.github
.github
 
 
adr
adr
 
 
commitlint
commitlint
 
 
demo
demo
 
 
docs
docs
 
 
images
images
 
 
src
src
 
 
.adr-dir
.adr-dir
 
 
.gitignore
.gitignore
 
 
.goreleaser.yaml
.goreleaser.yaml
 
 
.release-please-manifest.json
.release-please-manifest.json
 
 
CHANGELOG.md
CHANGELOG.md
 
 
CODEOWNERS
CODEOWNERS
 
 
CODE_OF_CONDUCT.md
CODE_OF_CONDUCT.md
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 
cspell.json
cspell.json
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 
netlify.toml
netlify.toml
 
 
release-please-config.json
release-please-config.json
 
 
renovate.json
renovate.json
 
 

Repository files navigation

Lula - The Cloud-Native Compliance Engine

Lula Documentation Go version OpenSSF Scorecard

lula logo

Lula is a tool designed to bridge the gap between expected configuration required for compliance and actual configuration.

Key Features

  • Assess compliance of a system against user-defined controls
  • Evaluate an evolving system for compliance over time
  • Generate machine-readible OSCAL artifacts
  • Accelerate the compliance and accreditation process

Why Lula is different than a standard policy engine

  • Lula is not meant to compete with policy engines - rather augment the auditing and alerting process
  • Often admission control processes have a difficult time establishing big picture global context control satisfaction, Lula fills this gap
  • Lula is meant to allow modularity and inheritance of controls based upon the components of the system you build

Overview

Cloud-Native Infrastructure, Platforms, and Applications can establish OSCAL documents that are maintained alongside source-of-truth code bases. These documents provide an inheritance model to prove when a control that the technology can satisfy IS satisfied in a live-environment.

These controls can be well established and regulated standards such as NIST 800-53. They can also be best practices, Enterprise Standards, or simply team development standards that need to be continuously monitored and validated.

Lula operates on a framework of proof by adding custom overlays mapped to the these controls, Lula Validations, to measure system compliance. These Validations are constructed by establishing the collection of measurements about a system, given by the specified Domain, and the evaluation of adherence, performed by the Provider.

Providers and Domains

Domain is the identifier for where and which data to collect as "evidence". Below are the active and planned domains:

Domain Current Roadmap
Kubernetes -
API -
Cloud Infrastructure

Provider is the "engine" performing the validation using policy and the data collected. Below are the active providers:

Provider Current Roadmap
OPA -
Kyverno -

Getting Started

Install Lula and check out the Simple Demo to get familiar with Lula's validate and evaluate workflow to assess system compliance and establish thresholds. See the other tutorials for more advanced Lula use cases and information on how to develop your own Lula Validations!

About

The Compliance Validator

Resources

Readme

License

Apache-2.0 license

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

128 stars

Watchers

11 watching

Forks

22 forks
Report repository

Releases 10

v0.4.4 Latest
Jul 26, 2024
+ 9 releases

Packages

No packages published

Contributors 22

+ 8 contributors

Languages