Kexa, your ally in multi-cloud compliance management, simplifies compliance on platforms such as Azure, Google, Amazon and more.
With simple, intuitive rules, even non-experts can guarantee the security of their cloud environments. Kexa, an Open Source tool, offers real-time monitoring, instantly alerting to any deviation from defined rules.
Its detailed reports facilitate compliance analysis, ensuring complete visibility of the state of the infrastructure. Scalable and integrable, Kexa adapts to the evolution of your infrastructure and connects easily to your existing tools.
Turn complexity into simplicity with Kexa, ensuring unrivalled security and turning compliance into a competitive advantage.
Explore the docs »
Report Bug
·
Request Feature
·
Put Star
We have built Kexa to automatize verifications across your working environments (cloud, workspace, APIs endpoints), with a easy-to-deploy script that will allow you to optimize your costs, conformity and security.
It can be deployed as a script, Docker or github action. Kexa is flexible in the way it is deployed, and can be quickly incorporated into CI/CDs or pipeline to guarantee the integrity of your workflow on a hight frequency check.
Clone the repository, follow our setup guide or the quick launch, setup the rules you want to verify from the already available rules file, or build your own.
Run it and get all the available optimizations with the different notification tools (logs, mail, sms, webhook, Teams, and more incoming with generics tools)
With Kexa, you can edit your own rules and retrieve rules or even addons built by the community.
If you want a complet installation detail, you can refer to this documention
Clone the repository or use the script to initialize all resources and credentials if you want to get Kexa up and running quickly such as :
Windows:
Invoke-WebRequest -Uri "https://raw.githubusercontent.com/4urcloud/Kexa/dev/initKexa.ps1" -OutFile "./initKexa.ps1"; & "./initKexa.ps1" -d -c
#answer all question to setup
Linux:
curl -sSL https://raw.githubusercontent.com/4urcloud/Kexa/main/initKexa.sh -o initKexa.sh && chmod +x initKexa.sh && ./initKexa.sh -d -c
#answer all question to setup
then:
#dont forget to get [nodejs](https://nodejs.org/en/download) to launch Kexa:
pnpm i --frozen-lockfile
pnpm run start
You can also use the git action of kexa for a quick run with no costs, refer to the reposiroty : Kexa Git Action
We also have a ready-to-run repository, with all addons already configured to run as Git Action, just enter credentials and run ! Ready-to-run repository
From any folder, create a folder called "config" and create a "default.json" file inside this folder. This file will be populated according to the provider you want to test, as follows.
Don't forget to modify "Absolute/Path/To/config" with the absolute path to your config folder (ex: "C:\Users\MyUser\Documents\Kubernetes" in windows). Obviously, the credentials you supply must have read rights on the environments you want to scan.
Click on the provider you want to fast try:
With Kexa, you have multiple options to retrieve your scans results. Here is the notifications and save addons that you can already use :
Here is a few examples of results :
Interested by visualizing data with Grafana ?
All our dashboards are available here : https://github.com/4urcloud/Kexa_Grafana_Dashboards
Grafana Kexa main dashboard
Grafana Kexa Kubernetes CPU/Memory dashboard
<img alt="Kexa Grafana Results kubernetes (heatmaps)" src="https://github.com/kexa-io/Kexa/raw/main/images/reamde_grafana_kube3.png" height="auto"/>
Once a scan has been performed, you can observe the results at the locations you have specified in your rules files. In addition to the notification locations you have set up, by default a html files of scan results for each rule file has been created. In the case of a quick-launch, your results will be displayed in logs + output files by default. Those html files can be found in your /output folder by default. To change your default folder, add the environment variable: "OUTPUT" with the path to your folder.
I'm going to show the result of a ruler scan with HTML rendering. The name of this file follow this type format : "./output/resources/[Name of the rule]/[Date as : 'YYYYMMDDHHmm'].html". In our case our scan rule is "Security" :
The summary sheet groups together all the different error levels, from info to critical error. Then, for each of the rules present in this rule file, we have all the rules that are not respected, as well as the resources that go against them. In this example, we only have github repos that don't respect our rules. Each resource has a clickable link whenever possible, as well as a few keywords to identify which resources are being referred to.
Kexa offers significant benefits in a number of areas, contributing to the efficiency and reliability of your environment. You can define rules with YAML (.yaml) files, that you will store in your Kexa 'rules' folder, located in the Kexa root folder.
You can then launch a scan, Kexa will retrieve resource's information from the required sources (providers or others online services supported by addons), and apply the rules you defined.
All issues will be reported following the notification configuration you've set.
The rules editing section in full documentation will present you the main areas where our tool add value, with and examples of YAML rules. If you want explanations and details about rules in Kexa, please refer to this section in the full documentation.
Refer to our ROADMAP.md.
If you would like additional functionality, please send us your request. : Request Feature
Distributed under the Apache 2.0 License. See LICENSE.txt
for more information just here.
Projects Link: 4urcloud Public site: