Engineering deep dives on iddio's security architecture, implementation decisions, and the road ahead.
The technical reasoning behind keeping iddio's runbook engine deliberately simple. Auditability, performance budgets, and why we push complex stateful logic to OPA instead.
A deep dive into a subtle attack vector: how malicious Kubernetes resource names with ANSI escape sequences can manipulate operator terminals, and how Iddio's sanitizeTerminal function prevents it.
Kubernetes native audit logs record what hits the API server. Iddio captures which agent requested it, what risk tier it falls into, and whether a human approved it. Here's why you run both.
How iddio applies its classify-enforce-audit pipeline to Model Context Protocol tool calls. Protocol translation, fail-closed classification, and policy-filtered tool discovery.
How iddio renews TLS certificates without downtime. A background goroutine, a 30-day renewal window, atomic file writes via temp-and-rename, and SHA-256 fingerprinting for verification.
Iddio uses CalVer timestamp tags — v2026.0220.2306 instead of v1.2.3. A comparison of SemVer, date-based CalVer, sequential build numbers, and git hashes, and why minute-granularity timestamps win for high-velocity releases.
How iddio scales from a single proxy to a fleet. Multi-tenant PostgreSQL architecture, OIDC authentication for operators, RBAC with four roles, and ETag-based proxy config sync.
The first public release of Iddio is here. 5-tier classification, mTLS with SPIFFE, JIT credentials, hash-chained audit, session recording, and multi-protocol support for Kubernetes, SSH, Terraform, Helm, and AWS CLI.
One policy engine, five protocols. How iddio evaluates access rules across Kubernetes, SSH, Terraform, Helm, and AWS CLI with protocol-specific scope matching.
How iddio exec wraps Terraform, Helm, and AWS CLI commands with classify-then-enforce semantics. Per-tool classifiers, tier mapping, and audit-logged execution.
How iddio captures full HTTP request/response bodies for forensic replay. Agent-grouped sessions, idle timeout boundaries, configurable body size limits, and automatic secrets redaction.
How iddio captures every byte of kubectl exec and attach sessions. Connection hijacking, bidirectional stream recording, and forensic-quality replay — transparent to the agent.
How iddio decides what's safe and what's dangerous. Every Kubernetes API request is classified into one of five tiers based on method, resource type, and subresource.
How iddio builds a tamper-evident audit trail using SHA-256 hash chaining. Every event links to its predecessor cryptographically — change one line, and verification fails.
How iddio eliminates long-lived cluster credentials by minting short-lived tokens on every request. The proxy never stores a permanent key to your cluster.
How iddio replaces shared secrets with cryptographic identity. Each agent gets a client certificate signed by iddio's own CA, with its name embedded as a SPIFFE URI.
How iddio maps audit events to SOC 2 Trust Services Criteria. Automated evidence generation for CC6.1, CC6.2, CC6.3, and CC7.2 — exportable as JSON or CSV.
How iddio proxies SSH connections with the same classify-enforce-audit pipeline as Kubernetes. JIT SSH certificates, compound command classification, and PTY relay.
How iddio integrates Open Policy Agent for enterprise-grade policy evaluation. Build-tag gating, the PolicyEvaluator interface, shadow mode for safe rollouts, and fail-closed semantics.
How iddio swaps policy and token configuration without dropping a single request. File watching with fsnotify, 500ms debounce, RWMutex-protected atomic swaps, and last-known-good fallback.
How iddio routes escalation decisions to external systems. HMAC-signed webhook notifications, HTTP callback handlers, Slack integration, and the Approver interface.
How iddio pre-approves common operations so agents can work without interruption. Runbook YAML schema, pattern matching, tier downgrade mechanics, and max_tier safety caps.