Show HN: Cordium – FOSS identity-based sandbox platform with zero-trust access
Category: infrastructure
Tags: sandbox, zero-trust, kubernetes, identity-based-access, secretless, remote-development, devsecops
Score: 7.3/10 (Innovation: 7, Technical: 8, Documentation: 7, Utility: 7)
Cordium is an open-source, self-hosted sandbox platform on Kubernetes that provides isolated environments for developers, AI agents, and CI/CD workloads. Its key differentiator is identity-based, secretless zero-trust access to infrastructure via Octelium ZTNA. It combines sandbox execution with policy-driven, credential-free access to databases, SSH, HTTP APIs, and mTLS services, eliminating credential sprawl for both humans and automated workloads. Its use of identity-based ABAC and OTel-native auditing, together with its support for persistent or ephemeral workspaces, makes it a novel and practical tool for secure remote development and agent automation.
Target audience: backend devs, devops, platform engineers, security engineers, AI/ML engineers
Repository: https://github.com/octelium/cordium · TypeScript · Apache-2.0 · 37 stars