@pmartinoli ・ Feb 03,2023 ・ 6 min read ・ 428 views ・ Originally posted on blog.mia-platform.eu
We are proud to announce Rönd, the new open‑source project released by Mia‑Platform that distributes security policy enforcement over your APIs.
In Mia‑Platform we strongly believe in the open source community, and we keep enhancing our commitment to give developers around the world new tools to solve common problems, so that they can focus on creating brilliant and innovative software.
After several months of running successfully in production environments, where we kept asking for feedback from developers from different teams, we found out that our product was stable, complete, and very effective. Thus, we decided to release it as an open‑source project - Rönd itself - so that everyone can benefit from an enterprise‑ready and fully customizable authorization mechanism without having to build it from scratch.
Our solution was made possible by Open Policy Agent, the CNCF graduated open‑source policy engine, so releasing Rönd open source was the correct choice to repay the extraordinary community.
Rönd is a lightweight container that distributes security policy enforcement throughout your application. Rönd allows you to define security policies in Rego language to be executed during API invocations. There are three supported policy types:
Rönd is built according to the Sidecar Pattern: it runs in your Kubernetes cluster as a sidecar container alongside your Pods. This avoids any code duplication, makes it language agnostic with respect to the Pod, and prevents the introduction of single points of failure in the architecture. Although Rönd is a distributed service, we paid particular attention to the resource it consumes: so we designed our container in order to introduce low additional costs. If necessary, Rönd can also run as a standalone service.
Rönd intercepts the API traffic and applies your policies to the API requests: it checks the user’s authorization and permissions, and it can also allow you to operate verifications on the API payload. Then, if policy requirements are satisfied, Rönd forwards the request to your application service, which can process it. On the contrary, if requirements are not met, Rönd rejects the API invocation: in this way, if not authorized, the API call does not even reach the service itself, so it’s more secure.
Rönd natively allows you to build an RBAC/ABAC solution by defining the concepts of Roles, Permissions, and User Groups as building blocks. This is actually how Rönd was born. If you want to know more about it, here’s How and why we adopted Role-Based Access Control (RBAC).
Now, why did we decide to call it Rönd? Since we are very proud of the strength of our open‑source project, we needed something that could fully represent its robustness. And what is more powerful than the mighty Vikings?
So we chose the Viking round shield - Rönd - because our authorization mechanism enhances defense and security across your applications. The wall of shields, the famous military formation used by Vikings, can block any attacks or let people pass through with "close and open" tactics. Once you implement Rönd in all your microservices, you will have a super effective wall of shields protecting your distributed application.
Then we aimed for more. We wanted our shields to be recognized as a reliable security tool that anyone can use in their projects, regardless of the programming language. Inspired by the Vikings who settled in Ireland and Scotland and created an open and new culture by mixing with the local culture, we painted the Gaelic R in the center of our shields as a sign of internationality to symbolize the openness of our tools. In fact, just as those Vikings were able to adapt to the Gaelic alphabet by abandoning the runes, the Rönd can embrace every single programming language you like.
To better protect ourselves we needed a helmet, like the one of Open Policy Agent, the open source solution at the core of Rönd. With Rönd you can create your own fully‑equipped Viking armored infrastructure!
The Rönd logo aims to represent the story described above. There has been great work behind it, so it is worth explaining.
The round shape clearly resembles the Viking round shield. As mentioned before, at the center of the shield there is the Gaelic R, which is both a symbol of openness and a mark of recognition. The letter is surrounded by four small circles that stand for the wall of shield: this is because our authorization solution is designed for distributed architectures, and performs very well if implemented in several microservices.
For the colors of the logo we took inspiration from the Scandinavian winter landscape, the homeland of the mighty vikings. The background of the shield is white, to resemble the snow that covers everything during the winter and fortifies the people of the north.
Then, starting from the bottom‑right to the upper‑left of the shield, we have a seamless transition. The starting color is light blue: this stands for the ice and the cold water of the fjords and the surrounding alpine lakes.
The blue in the middle is the color of the northern sky, but it is also the color of technology: as Rönd is a brand new cloud‑native technology, this color fits perfectly.
The last one, in the upper‑left border, is the purple of the aurora borealis: it is barely perceptible, as it is in nature, but it adds a tone of magic and decision to the whole shield.
The official font of the project is Inter, and we chose it for three main reasons:
Does Rönd sound interesting to you? Well, now that you know everything about what it does and how it was born, all you have to do is become a warrior of our wall of shields!
Here’s the official GitHub repository of the project, where you can find the source code and the open issues. If you like the project don’t forget to give it a star, so that more people can discover it.
The full documentation is available at the official Rönd website; here you can also find an example of what you can build with Rönd, as well as some useful resources.
As for every open‑source project, also for Rönd the community is crucial for its success. In fact, the wall of shields only works if warriors support each other. Every feedback and contribution is welcome! Feel free to open a new issue or a pull request: just make sure to follow the contribution guidelines and respect the code of conduct.
Also, don’t forget to join the dedicated GitHub Discussions: here you can find useful information and ask for advice from other users. We’d love to know the people who decide to adopt Rönd, so consider jumping in to say “Hi” and share with us all the great things you created with Rönd!
Last but not least, consider sharing this announcement with your friends and co‑workers: we aim to solve a very important and yet common problem, and we need your help to reach out to everyone who might need an open‑source solution like Rönd.
If you want to learn more about all Mia‑Platform open‑source software, take a look at this page on our website. Here you can find the full description of our culture, a brief overview of each project, and the link to their websites.
Join other developers and claim your FAUN account now!
Technical Writer, Mia-Platfom@pmartinoli
Only registered users can post comments. Please, login or signup.