Versions:
Topaz 0.33.12, published by Aserto, is an authorization micro-service that combines Relationship-Based Access Control (ReBAC) and Attribute-Based Access Control (ABAC) in a single, lightweight binary. Designed to be embedded directly inside an application or deployed as a sidecar, it evaluates fine-grained permissions in real time by consuming policy bundles authored in the Open Policy Agent (OPA) Rego language. Typical use cases include enforcing multi-tenant isolation in SaaS platforms, granting row-level security in analytical dashboards, and propagating user-to-resource relationships such as “owner,” “editor,” or “viewer” across micro-services without centralizing all identity data. The engine keeps an in-memory graph of relationships, allowing depth-based queries like “can this service account impersonate a user who is a member of a team that owns the document?” to be answered in sub-millisecond latency. Topaz exposes a REST and gRPC authorization endpoint compatible with the OpenAPI 3 and gRPC Health Checking protocols, so existing gateways or service meshes can call it without additional SDKs. Administrators package policies, relationship data, and attribute schemas into versioned OCI images that can be cached locally, making the service fully stateless and horizontally scalable. Since its first release, the project has shipped 80 successive versions, iterating on performance, audit logging, and integrations with identity providers such as Auth0, Azure AD, and Okta. The software is classified under Development Tools / Security & Encryption. Topaz is available for free on get.nero.com, with downloads delivered through trusted Windows package sources such as winget, always supplying the latest build and supporting batch installation alongside other applications.
Tags: