Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

How are access rules usually managed in the context of Kubernetes and Microservices? I have like 10 containers each with their own set of rules I want to apply, but I'm not sure where best to store them.
It'd make the most sense to store them in the application repo, but I can't retrieve them directly from there :thinking_face:

My approach for now will be a monorepo just for Oathkeeper access rules

There is an oathkeeper maester project, which allows you to use CRD for that purpose. That way, you can deploy the rules together with your app. As far as I remember there were however some limitations, as not the entire API exposed by oathkeeper was used. That might have changed meanwhile.

That just moves the issue somewhere else, since I still need to get the resources from somewhere to deploy them into the cluster in the first place