Skip to content
K2HR3 Utils - Utils for K2Hdkc based Resource and Roles and policy Rules
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

K2HR3 Utilities(k2hr3-utils)

GitHub license GitHub forks GitHub stars GitHub issues CodeFactor

This repository contains utilities for K2HR3, which is a role-based ACL system developed in Yahoo Japan Corporation

K2HR3 - K2Hdkc based Resource and Roles and policy Rules

K2HR3 system

K2HR3 is a RBAC (Role Based Access Control) system. K2HR3 is designed to primarily work in a private cloud environment, which is dedicated to deliver services to a single organization. K2HR3-0.9.0 works with OpenStack.

The primary feature is called +SERVICE that enables service owners in cloud environments to control their resources. K2HR3 as a RBAC system defines the three primary elements: role, rule(or policy rule) and resource. Every host is defined as a member of roles in K2HR3 and a host can access resources in a way followed by rules.

  • Role
    Defines a collection of a host(or an IP address) that access assets in a service.
  • Rule(or Policy Rule)
    Defines a group of actions(read and write) over assets in a service and a permission(allow or deny) to the group of actions.
  • Resource
    Defines a value(string or object) as an asset in a service. A value can contains data in any form: text or binary. A text data can be a key, a token or an URL.

K2HR3 system overview

K2HR3 System Overview

The following figure shows the K2HR3 system overview.

K2HR3 Setup overview

K2HR3 Utilities

We provide the following utilities for K2HR3.

  • devcluster/
    A tool to quickly bring up a complete K2HR3 system in a Linux(Debian9, Ubuntu18.04, Fedora29 or CentOS7) host.



MIT License


AntPickax is an open source team in Yahoo Japan Corporation.

You can’t perform that action at this time.