Manage service users in Aiven for Apache Kafka®
Create and manage service users in Aiven for Apache Kafka to enable secure access and interaction with your service.
Users with Admin permission can create topics with any name because
the CreateTopics permission applies at the cluster level.
Other permissions, such as Alter and Delete, apply only to topics that match
the specified pattern.
Add a user
- Aiven Console
- Aiven CLI
- Aiven API
To add service users using the Aiven Console, see Create a service user.
After creating a user, download their access key and certificate from the Users page.
Run the following command to create a service user:
avn service user-create <service-name> --username <user-name>
Parameters:
<service-name>: Name of the Aiven service.<user-name>: Username for the new service user.
Use the ServiceUserCreate API endpoint to create a service user:
curl -X POST https://api.aiven.io/v1/project/<project-name>/service/<service-name>/user \
-H "Authorization: Bearer <api-token>" \
-H "Content-Type: application/json" \
-d '{"username": "<user-name>"}'
Parameters:
<project-name>: Name of the Aiven project.<service-name>: Name of the Aiven service.<user-name>: Username for the new service user.<api-token>: Aiven API token for authentication.
Manage users
- Aiven Console
- Aiven CLI
- Aiven API
- Open your Aiven for Apache Kafka service in the Aiven Console.
- Click Users in the sidebar to view the list of users.
- To view the password, click Show password in the password field for the respective user.
- Click Actions in the respective user row and choose the
desired operation:
- Click Reset credentials to reset the credentials.
- Click Delete user to delete the user.
-
View users:
avn service user-list <service-name>Replace
<service-name>with the name of your Aiven service. -
Reset user credentials:
avn service user-password-reset <service-name> --username <user-name>Parameters:
<service-name>: Name of the Aiven service.<user-name>: Username of the service user.
-
Delete a user:
avn service user-delete <service-name> --username <user-name>Parameters:
<service-name>: Name of the Aiven service.<user-name>: Username of the service user.
-
View users:
curl -X GET https://api.aiven.io/v1/project/<project-name>/service/<service-name>/user \
-H "Authorization: Bearer <api-token>"Parameters:
<project-name>: Name of the Aiven project.<service-name>: Name of the Aiven service.<api-token>: Aiven API token for authentication.
-
Reset user credentials:
curl -X POST https://api.aiven.io/v1/project/<project-name>/service/<service-name>/user/<user-name>/reset-credentials \
-H "Authorization: Bearer <api-token>"Parameters:
<project-name>: Name of the Aiven project.<service-name>: Name of the Aiven service.<user-name>: Username of the service user.<api-token>: Aiven API token for authentication.
-
Delete a user:
curl -X DELETE https://api.aiven.io/v1/project/<project-name>/service/<service-name>/user/<user-name> \
-H "Authorization: Bearer <api-token>"Parameters:
<project-name>: Name of the Aiven project.<service-name>: Name of the Aiven service.<user-name>: Username of the service user.<api-token>: Aiven API token for authentication.