Run as a binary

Topaz releases are available on github. The tarball contains both the topaz CLI (which can be used to create a configuration file), as well as topazd (which can be run as a daemon, and provides the authorizer APIs).

Download the tarball from your command line

Downloads are available for Linux (amd64, arm64); MacOS (amd64, arm64); and Windows (zip, MSI).

For example, to get the latest release for Linux amd64:

TOPAZ_PLATFORM=topaz_linux_x86
TOPAZ_URL=$(curl -s https://api.github.com/repos/aserto-dev/topaz/releases/latest|grep browser_download_url|grep $TOPAZ_PLATFORM|cut -d\" -f4)
curl -L $TOPAZ_URL > topaz.zip

For Linux arm64:

TOPAZ_PLATFORM=topaz_linux_arm64
TOPAZ_URL=$(curl -s https://api.github.com/repos/aserto-dev/topaz/releases/latest|grep browser_download_url|grep $TOPAZ_PLATFORM|cut -d\" -f4)
curl -L $TOPAZ_URL > topaz.zip

Unzip the tarball

unzip topaz.zip
Archive:  topaz.zip
  inflating: LICENSE
  inflating: README.md
  inflating: topazd
  inflating: topaz

Create a configuration file

Topaz requires a configuration file in order to run. The configuration file can be created using the topaz config new command, documented here. A configuration file is automatically created when you install a template, documented here.

For example, to use the sample todo policy, you can run the following:

./topaz config new -d -r ghcr.io/aserto-policies/policy-todo:latest -n todo

This will create a config file in $HOME/.config/topaz/cfg/todo.yaml.

Run the topaz daemon

TOPAZ_DIR=$HOME/.config/topaz ./topazd run -c $HOME/.config/topaz/cfg/todo.yaml