Strata Identity launches open-source project enabling multi-cloud access policy management for organizations

Strata Identity, U.S.-based identity orchestration provider for multi-cloud environments with a significant presence in Vancouver, has announced the availability of the Hexa open-source project that enables organizations to unify and consistently manage all of their access policies across multi-clouds, on-premises systems, and vendors.

Hexa enables this using the New Identity Query Language (IDQL) standard, which is a new common policy format used to define identity access policies in a declarative way. 

Currently, each cloud platform (AWS, Google, Microsoft Azure, and others) uses a proprietary identity system with its own policy language, all of which are incompatible with each other. Meanwhile, each application must be hardcoded to work with a specific identity system. IDQL and Hexa enable any number of identity systems to work together as a unified whole, without making any changes to them or to applications, Strata Identity explains. 

“Just as Kubernetes transformed computing by allowing applications to transparently move from one machine to another, IDQL enables access policies to move freely between proprietary identity systems,” said Eric Olden, chief executive officer of Strata Identity. “IDQL and Hexa eliminate identity silos in the cloud and on-premises, by creating an intelligent, distributed identity system with one brain.”

How does Hexa work?

Together IDQL and Hexa provide the following capabilities:

Policy discovery
  •  Analyzes and performs inventory of key apps, data, and policies
  •  Uncovers which apps exist and where they are
  •  Finds what policies, users, and roles exist
Policy translation
  • Translates native, imperative policies into declarative IDQL policies during policy discovery
  • Translates declarative IDQL policies into native, imperative policies of the target system(s) during policy orchestration
Policy orchestration
  • Distributes policies to be enforced by identity providers (IdPs), clouds, IaaS, and network systems
  • Works via a cloud-based architecture that does not require an agent, proxy or local code
  • Uses an extensible, open-source model that supports custom connector integrations


IDQL and Hexa are managed under a vendor-neutral working group and an open-source, open governance model and will remain independent from any company or company-sponsored project. Interest in building open standards for cloud identity is being driven by global multi-cloud adoption and incompatibility between cloud identity systems. The authors of IDQL and Hexa include Strata Identity, Kroger, Versa Networks, S&P Global, Cummins, and MEF. Others interested in supporting the project can find more information here.

One working group member in particular understands the need to unify policy orchestration from the application to the network layer. “IDQL and Hexa provide the necessary framework for linking identity and policy to the Zero Trust standards being developed at MEF today,” said Pascal Menezes, chief technical officer of MEF. “MEF is proud to be an early supporter of IDQL and Hexa and we look forward to collaborating further in the future.”

IDQL and Hexa are public projects with code repos available on GitHub here. The two components of the project have been submitted as a sandbox project to the Cloud Native Computing Foundation (CNCF). More information about Hexa and IDQL can be found here

Strata Identity is also hosting a panel webinar with other members of the working group entitled “The building of a new identity standard: Why the multi-cloud world needs IDQL and Hexa to unify policy” on May 25 at 10 am PT / 1 pm ET. Visit this link to register. 

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Pragya Sehgal
Pragya Sehgal
Her characters are bold and smart, but in real life, Pragya is afraid of going upstairs when it is dark behind her. Born and raised in the capital city of India - Delhi - bounded by the Yamuna River on the west, Pragya has climbed the Himalayas, and survived medical professional stream in high school without becoming a patient or a doctor. Pragya now makes her home in Canada with her husband - a digital/online marketing professional who also prepares beautiful, healthy and delicious meals for her. When she isn’t working or writing around tech, she’s probably watching art films on Netflix, or wondering whether she should cut her hair short or not.

Related Tech News

Featured Tech Jobs


CDN in your inbox

CDN delivers a critical analysis of the competitive landscape detailing both the challenges and opportunities facing solution providers. CDN's email newsletter details the most important news and commentary from the channel.