From ccdfb37baf16c9512aae47e71ca02ca64811f6f3 Mon Sep 17 00:00:00 2001 From: Omri Gazitt Date: Tue, 25 Apr 2023 10:31:29 -0700 Subject: [PATCH] Update config.md Added a bit more info on local vs remote directory --- docs/config.md | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/docs/config.md b/docs/config.md index 8b843555..15e1733f 100644 --- a/docs/config.md +++ b/docs/config.md @@ -81,9 +81,14 @@ status: SERVING ### c. Directory Service -Topaz is able to communicate with a directory service based on the [pb-directory proto](https://github.com/aserto-dev/pb-directory) definitions. When the remote address is configured to localhost, topaz is able to spin-up a grpc [edge directory service](https://github.com/aserto-dev/go-edge-ds) based on [bbolt](https://pkg.go.dev/go.etcd.io/bbolt) +Topaz is able to communicate with a directory service based on the [pb-directory proto](https://github.com/aserto-dev/pb-directory) definitions. When the remote address is configured to localhost, topaz is able to spin-up a grpc [edge directory service](https://github.com/aserto-dev/go-edge-ds) based on [bbolt](https://pkg.go.dev/go.etcd.io/bbolt). -Example: +The remote address can also be configured to a service that implements the proto definitions (for example, the Postgres-based Aserto directory service). In this case, Topaz will NOT spin-up a local edge directory service, and instead send all directory requests to this remote service. +- *address* - string - address:port of the remote directory service +- *api_key* - string - API key for the directory +- *tenant_id* - string - the directory tenant ID + +Example (using the hosted Aserto directory): ``` directory_service: remote: @@ -163,4 +168,4 @@ opa: registry_service: 'ghcr.io' registry_image: 'aserto-policies/policy-peoplefinder-rbac' digest: 'b36c9fac3c4f3a20e524ef4eca4ac3170e30281fe003b80a499591043299c898' -``` \ No newline at end of file +```