Authorization service with GitHub registry

Technology logo

Using GitHub container registry as a policy registry

Speak with an engineer

Securing your policy workflow

GitHub is where the world builds software. The popular platform offers GitHub Packages (GHCR), which allows developers to host and maintain code packages and containers.

Aserto expresses policies as code wrapped in OCI containers. As a result, developers can build, tag, sign, push, and pull authorization policies like Docker containers.

Aserto natively supports the GitHub container registry as the artifact repository for authorization policies built into OCI images. You can use Open Policy Containers (OPCR), a CNCF sandbox project, to build policies and then push them to your GitHub container registry organization. You can also create policy instances in Aserto from policy images stored in the GitHub container registry.

Benefits of using OPCR with GitHub

policy-as-code workflow

Easily pull public policy images for sharing/reuse. Keep policy images secure by signing and versioning with Cosign. Then secure, automate, test, and manage your policy development pipeline with the GitHub container registry.

What is Aserto?

Aserto is an authorization service that helps developers build secure applications. It makes it easy to add fine-grained, policy-based, real-time access control to cloud applications and APIs. It offers blazing-fast authorization of a local library, coupled with a centralized control plane for managing policies, user attributes, resource and relationship data, and decision logs. And it comes with everything you need to deliver fine-grained RBAC, ABAC, or ReBAC, as well as comprehensive developer resources for any language or framework - saving you months of engineering time.


Built for developers with

David Kerber

VP of Technology

"Authorization involves really hard problems that I want experts to solve. We like to focus our internal engineering efforts on our customers and their problems. Aserto allows us to do just that, at a small fraction of the cost it would take to build and maintain it ourselves, not to mention the opportunity cost."

Mathias Biilmann Christensen

Co-founder & CEO, Netlify

"As millions of developers and businesses are adopting a Jamstack approach, most modern web applications involve multiple APIs and services. Aserto's promise of separating policies from code could radically simplify the implementation of authorization across the front-end UI and the larger world of back-end functions and endpoints."

Tom Preston-Werner

Co-founder, GitHub

"Building & managing an authorization/RBAC system is a huge pain, especially at enterprise scale. So stop! Aserto has a distributed, millisecond latency, 100% availability API for that. I'm excited to help as an angel investor!"


Authorization as easy as an API call

Speak with an engineer