avn service schema-registry-acl#

Here you’ll find the full list of commands for avn service schema-registry-acl.

Manage Karapace schema registry access control lists for Apache Kafka®#

Commands for managing Karapace schema registry authorization for your Aiven for Apache Kafka® service via avn commands.

avn service schema-registry-acl-add#

Adds a Karapace schema registry ACL entry. The detailed explanation of parameters can be found in the dedicated page.

Parameter

Information

service_name

The name of the service

--permission

The permission type: possible values are schema_registry_read or schema_registry_write

--resource

The resource to grant access to, can be in the form of Config: or Subject:<subject>, accepts * and ? as wildcard characters. More information can be found in the dedicated page.

--username

The username pattern: accepts * and ? as wildcard characters

Example: Add an ACL for users with username starting with userAB to write (schema_registry_write) subjects having name starting with s123 in the Aiven for Apache Kafka® service kafka-doc.

avn service schema-registry-acl-add kafka-doc \
  --username 'userAB*'                        \
  --permission schema_registry_write          \
  --resource 'Subject:s123*'

avn service schema-registry-acl-delete#

Deletes a Karapace schema registry ACL entry.

Parameter

Information

service_name

The name of the service

acl_id

The id of the Karapace schema registry ACL to delete

Example: Delete the Karapace schema registry ACL with id acl3604f96c74a on the Aiven for Apache Kafka® instance named kafka-doc.

avn service schema-registry-acl-delete kafka-doc acl3604f96c74a

avn service schema-registry-acl-list#

Lists Karapace schema registry ACL entries.

Parameter

Information

service_name

The name of the service

Example: List the ACLs defined for an Aiven for Apache Kafka® service named kafka-doc.

avn service schema-registry-acl-list kafka-doc

The command output is:

ID                        USERNAME  RESOURCE         PERMISSION
========================  ========  ===============  =====================
default-sr-admin-config   avnadmin  Config:          schema_registry_write
default-sr-admin-subject  avnadmin  Subject:*        schema_registry_write
acl12345678901            userAB*   Subject:s123*    schema_registry_write