PyRank

Policy As Code Python Packages

Python packages with the GitHub topic policy-as-code. Sorted by relevance, with stars and monthly downloads.
pulumi
pulumi-policy

Pulumi's Policy as Code SDK, CrossGuard. Define infrastructure checks in code to enforce security, compliance, cost, and other practices, enforced at deployment time.

257K 43 8
manav8498
shadow-diff

Behavior contracts for AI agents

31K 9 0
Rul1an
assay-it

CI-native evidence compiler for agent systems: MCP policy enforcement, evidence receipts, Trust Basis claims, and reviewable artifacts.

7K 1 2
cleancloud-io
cleancloud

Read-only cloud hygiene for AWS, Azure, and GCP. Multi-account org scanning, CI/CD enforcement, and deterministic cost modeling. No agents, no telemetry.

7K 111 8
lucashgrifoni
oss-policy-kit

Policy-as-code starter kit for OSS repository governance and CI/CD hygiene across GitHub, Azure, and AWS.

6K 3 1
permitio
opal-common

Policy and data administration, distribution, and real-time updates on top of Policy Agents (OPA, Cedar, ...)

5K 5K 279
prodcycle
prodcycle

Multi-framework policy-as-code compliance scanner for infrastructure and application code. Evaluates Terraform, Kubernetes, Docker, and source code against SOC 2, HIPAA, and NIST CSF.

5K 0 0
getactra
actra

Actra - control what runs before it runs, controls what actions are allowed before they execute. Evaluate policies across APIs, workflows and AI agents in real time.

4K 2 0
permitio
opal-client

Policy and data administration, distribution, and real-time updates on top of Policy Agents (OPA, Cedar, ...)

4K 5K 279
permitio
opal-server

Policy and data administration, distribution, and real-time updates on top of Policy Agents (OPA, Cedar, ...)

4K 5K 279
Acacian
agent-aegis

LLM guardrails & prompt injection detection for Python. Auto-instruments LangChain, CrewAI, OpenAI, LiteLLM + 8 more frameworks. PII masking, toxicity detection, policy CI/CD. One line, zero code changes.

3K 9 3
CloudMorphAI
cloudmorph-tessera

Deterministic firewall for MCP agent tool calls. YAML policies, hash-chained audit, blast-radius scoring, multi-cloud cost intelligence.

2K 3 0
konjoai
squash-ai

🛡️ Automated EU AI Act compliance for AI/ML teams — Annex IV docs, SBOMs, policy checks, and signed audit records inside your CI/CD pipeline. August 2, 2026 enforcement deadline. ⏰

2K 1 0
kitelogik
kitelogik

Governance control plane for autonomous AI agents — OPA/Rego policy enforcement at the agent action layer. Apache 2.0.

1K 1 0
someengineering
resoto-plugin-aws

Runs collector plugins and sends the result to resotocore.

1K 2K 138
someengineering
resotolib

Fix Inventory helps you identify and remove the most critical risks in AWS, GCP, Azure and Kubernetes.

1K 2K 138
paudley
coding-ethos

Policy-as-code enforcement for AI agents: MCP server, CEL policies, git hooks, SARIF, and static analysis guardrails.

1K 3 2
someengineering
resoto-plugin-onprem

Fix Inventory helps you identify and remove the most critical risks in AWS, GCP, Azure and Kubernetes.

1K 2K 138
someengineering
resoto-plugin-digitalocean

Resoto DigitalOcean Collector Plugin

1K 2K 138
someengineering
resoto-plugin-example-collector

Fix Inventory helps you identify and remove the most critical risks in AWS, GCP, Azure and Kubernetes.

1K 2K 138
someengineering
resoto-plugin-gcp

Resoto GCP Collector Plugin

1K 2K 138
someengineering
resoto-plugin-k8s

Fix Inventory helps you identify and remove the most critical risks in AWS, GCP, Azure and Kubernetes.

1K 2K 138
someengineering
resoto-plugin-github

Fix Inventory helps you identify and remove the most critical risks in AWS, GCP, Azure and Kubernetes.

1K 2K 138
someengineering
resoto-plugin-vsphere

Resoto VSphere Collector Plugin

1K 2K 138