Manage Karapace schema registry authorization
Karapace schema registry authorization allows you to authenticate the user, to control access to individual Karapace schema registry REST API endpoints, and to filter the content the endpoints return.
Some older Aiven for Apache Kafka® services may not have this feature enabled by default. In this case, enable Karapace schema registry authorization.
Karapace schema registry authorization is configured using Access Control Lists (ACLs). You can manage the Karapace schema registry authorization ACL entries using the Aiven CLI.
Using the Aiven CLI commands, you can
- Add ACL
- Delete ACL
- View ACL list
For more information on the ACL commands, the required parameters and examples, see avn service schema-registry-acl.
Manage resources via Terraform
Additionally, the
Aiven Terraform provider supports managing Karapace schema registry authorization ACL
entries with the aiven_kafka_schema_registry_acl
resource. For more
information, see the resource
documentation.
An example of resource configuration via Terraform is as shown below:
resource "aiven_kafka_schema_registry_acl" "my_resource" {
project = aiven_kafka_topic.demo.project
service_name = aiven_kafka_topic.demo.service_name
resource = "Subject:${aiven_kafka_topic.demo.topic_name}"
username = aiven_kafka_user.demo.username
permission = "schema_registry_read"
}