Local developer experience (OneBox)
Aserto's authorizer is available as a docker container that you can run locally. This "all-in-one" version of the Aserto Authorizer is referred to as the OneBox.
The CLI provides a management experience over the OneBox.
The OneBox requires
docker to be installed and running.
To install Docker on a Mac or Linux system:
brew install --cask docker
To get started with the OneBox, you can pull it down using the Aserto CLI.
Sign in to your Aserto account:
The following command will pull down the latest
aserto-one docker image.
aserto developer install
The next command will pull down the configuration for a policy that you've set up in the console, using
the name you gave it (in the example below,
aserto developer configure peoplefinder
The following command will
docker run a local container with the
peoplefinder policy configuration:
aserto developer start peoplefinder
You can use the next command to open a browser window that shows a local version of the console, to see what policies and users the local authorizer has. It also has a Rego playground and an API explorer that allow you to experiment with the Aserto authorization system.
aserto developer console # will show you what the local authorizer is running
The next few commands help manage the
aserto-one docker instance and image.
aserto developer status # displays the running status of the authorizer
aserto developer stop # stops the authorizer
aserto developer update # updates the authorizer image to :latest
The OneBox can be connected to the Aserto control plane. This enables additional functionality, including the ability to issue commands to the OneBox remotely. To connect the OneBox to the Aserto control plane see the edge authorizers section.