Topaz

Topaz is an open-source, self-hosted, fine-grained access control service designed for cloud-native applications. It offers real-time, policy-based authorization, allowing developers to implement fine-grained access control models that can evolve from role-based access control (RBAC) to attribute-based access control (ABAC) or relationship-based access control (ReBAC). The service separates authorization policies from application code, promoting a "policy-as-code" workflow and enhancing security by packaging policies into immutable, signed OCI images.

Topaz is designed to be deployed alongside applications for swift authorization decisions using local data. It manages users, groups, objects, and relationships in an embedded database, optimizing query evaluations. The tool supports various programming languages and frameworks, including Node.js, Go, Python, Java, ASP.NET, and Ruby, providing comprehensive documentation and resources for quick integration.