Rudolph is the control server counterpart of Santa, and is used to rapidly deploy configurations to Santa agents.
Rudolph is built in Amazon Web Services, and utilizes exclusively serverless components to reduce operational burden. It is designed to be fast, easy-to-use, low-maintenance, and cost-conscious.
Rudolph is built for teams interested in deploying Santa to implement Binary Authorization on MacOS environments. In particular, it is designed around supporting:
- Santa in
LOCKDOWN
Mode - Realtime unblocking
- Machine-specific configurations
Addtionally, Rudolph uses Amazon Web Services and is ideal for teams that are too small to stand up or maintain more sophisticated environments.
- Easy deployment: Set up the entire stack in 20 minutes. Tear it down in 1 minute
- (Almost) Zero maintaintence
- Proven scalability & cost-efficiency
- Scales up and down automatically
- High performance; Rudolph is designed to support 60-second sync intervals on Santa sensors, for real-time unblocking
More information can be found in our primer on Lockdown.
Start by deploying rudolph (docs/deploy.md).
Next, deploy and configure your Santa sensors (docs/configuring-santa.md).
Use the cli to sync rules (docs/rules.md).