Skip to content
Switch branches/tags

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

K2HR3 Utilities(k2hr3-utils)

GitHub license GitHub forks GitHub stars GitHub issues

This repository contains utilities for K2HR3, which is a role-based ACL system developed in Yahoo Japan Corporation

K2HR3 - K2Hdkc based Resource and Roles and policy Rules

K2HR3 system

K2HR3 is a RBAC (Role Based Access Control) system. K2HR3 is designed to primarily work in a private cloud environment, which is dedicated to deliver services to a single organization. K2HR3-0.9.0 works with OpenStack.

The primary feature is called +SERVICE that enables service owners in cloud environments to control their resources. K2HR3 as a RBAC system defines the three primary elements: role, rule(or policy rule) and resource. Every host is defined as a member of roles in K2HR3 and a host can access resources in a way followed by rules.

  • Role
    Defines a collection of a host(or an IP address) that access assets in a service.
  • Rule(or Policy Rule)
    Defines a group of actions(read and write) over assets in a service and a permission(allow or deny) to the group of actions.
  • Resource
    Defines a value(string or object) as an asset in a service. A value can contains data in any form: text or binary. A text data can be a key, a token or an URL.

K2HR3 system overview

K2HR3 System Overview

The following figure shows the K2HR3 system overview.

K2HR3 Setup overview

K2HR3 Utilities

We provide the following utilities for K2HR3.

  • devcluster/
    A tool to quickly bring up a complete K2HR3 system in a Linux(Debian9, Ubuntu18.04, Fedora29 or CentOS7) host.
  • devpack/
    A tool to build a trial environment of K2HR3 system in one host.


Here are documents including other components.

K2HR3 Document
K2HR3 Web Application Usage
K2HR3 OpenStack Notification Listener Usage
K2HR3 Watcher Usage
K2HR3 Get Resource Usage
K2HR3 Utilities for Setup
K2HR3 Demonstration
K2HR3 Command Line Interface Usage

About k2hdkc
About k2hash
About chmpx
About k2hash transaction plugin

About AntPickax


Here are repositories including other components.

K2HR3 main repository
K2HR3 Web Application repository
K2HR3 REST API repository
K2HR3 OpenStack Notification Listener
K2HR3 Utilities
K2HR3 Container Registration Sidecar
K2HR3 Get Resource
K2HR3 Command Line Interface

k2hash transaction plugin


Here are packages including other components.

k2hr3-app(npm packages)
k2hr3-api(npm packages)
k2hr3-osnl(python packages)


This software is released under the MIT License, see the license file(COPYING).


AntPickax is an open source team in Yahoo Japan Corporation.