Skip to main content

The most recent patch for this version is 1.0.3.  Learn more  

Preparation to deploy CAQ

Contextual Authorization Query (CAQ) is downloaded through the AWS CLI.

Install AWS CLI according to the instructions hereOpens in a new tab.

To have the appropriate access to Axiomatics' downloads, you need to configure the AWS CLI account with the aws configure command, as explained hereOpens in a new tab. For this step, you will need an Access key ID and a Secret access key, which will be provided to you by Axiomatics.

Download the vulnerabilities report

You can download a comprehensive vulnerabilities analysis report for CAQ.

After configuring the AWS CLI account, run the following command to download the vulnerabilities report from S3:

aws s3api get-object --bucket axiomatics-customer-artifacts --key releases/com/axiomatics/contextual-authorization-query/1.0.3/caq-vulnerabilities-report-1.0.3.html caq-vulnerabilities-report-1.0.3.html

This downloads an HTML report file to your computer.

Download the file

CAQ is downloaded as a single JAR file.

After configuring the AWS CLI account, run the following command in the terminal to download the JAR file:

aws s3api get-object --bucket axiomatics-customer-artifacts --key releases/com/axiomatics/contextual-authorization-query/1.0.3/contextual-authorization-query-1.0.3.jar contextual-authorization-query-1.0.3.jar
note

In the CAQ documentation, the jar file is always referred to in full, that is, contextual-authorization-query-1.0.3.jar.

This downloads the selected file to your computer.

Initiate the deployment

note

In the snippets below replace:

  • <domain> with your domain YAML file name.

To start the application you need the following:

  • contextual-authorization-query-1.0.3.jar

  • deployment.yml

    The deployment.yml file contains the deployment configuration including the file references to a domain and a valid license as described in the section Basic configuration.

    • <domain>.yml
    • axiomatics_CAQ.license

  • Additional jar files (optional)

    When you want to use additional .jar files (for example a JDBC driver or attribute connectors), you should add them under a lib sub-directory.

    If you want to use attribute connectors please refer to the Attribute Connectors section.

Important

The deployment yaml file of the CAQ should be in the same folder as the contextual-authorization-query-1.0.3.jar file.

The file structure that is needed for the the contextual authorization query deployment is displayed in the example below:

├─ contextual-authorization-query-1.0.3.jar
├─ deployment.yml
├─ lib/
    ├─ sql-attribute-connector-<sql_ac_version>.jar
    ├─ jbdc.jar

Start the application

To start the deployment process, execute the following command:

java -jar <path_to_file>/contextual-authorization-query-1.0.3.jar
Important

Make sure to execute the java command from the directory that contains the deployment.yaml and the lib folder.

Next steps

  • The instructions above assume CAQ is started with a basic deployment configuration file. This file can be adapted to your configuration requirements. See the section Basic configuration for more information.
  • There are also custom configurations you may want to consider for your implementation of CAQ. Please check the Additional configuration section.