How Topaz works
How Topaz intercepts Azure API calls using DNS and TLS, runs the ARM control plane alongside service data planes, and coordinates the two-binary architecture.
Control plane and data plane
The difference between the Azure ARM control plane and service data planes — what each handles, why Topaz implements both, and why most Azure emulators only cover one.
DNS and TLS in Topaz
Why Topaz requires DNS configuration and a trusted certificate — the mechanics behind hostname-based Azure emulation and what the TLS wildcard certificate covers.
Authentication and identity
How Topaz emulates Entra ID (Azure Active Directory) — token issuance, credential flows, and what the local identity layer does and does not replicate.
Service emulation design
Topaz's design philosophy — what it emulates faithfully, where it simplifies, and why the code you write against Topaz runs unchanged against real Azure.
App Service forward proxy
How Topaz's App Service forward proxy works — transparent HTTP forwarding from a *.azurewebsites.topaz.local.dev hostname to your local container, and why this is the foundation for advanced Docker Compose scenarios.