Service roles for managing data schemas using Schema Registry
With Schema Registry service roles, you can view namespaces, subjects, and schemas in a schema registry, as well as create, edit, and delete namespaces and schemas.
schema-registry.auditor
The schema-registry.auditor
role enables viewing information on namespaces.
schema-registry.viewer
The schema-registry.viewer
role enables viewing info on schemas and namespaces and comparing schema versions.
This role also includes the schema-registry.auditor
permissions.
schema-registry.editor
The schema-registry.editor
role enables managing schemas and namespaces.
Users with this role can:
- View info on schemas, create, modify, and delete them, and compare schema versions.
- View info on namespaces and create, modify, and delete them.
This role also includes the schema-registry.viewer
permissions.
schema-registry.admin
The schema-registry.admin
role enables managing Schema Registry, as well as schemas and namespaces.
Users with this role can:
- View info on schemas, create, modify, and delete them, and compare schema versions.
- View info on namespaces and create, modify, and delete them.
This role also includes the schema-registry.editor
permissions.
What roles do I need
The table below lists the roles required to perform a particular action. You can always assign a role offering more permissions than the one specified. For instance, you can assign editor
instead of viewer
.
Action | Required roles |
---|---|
Viewing namespaces | schema-registry.auditor |
Viewing subjects | schema-registry.viewer |
Viewing schemas | schema-registry.viewer |
Comparing schema versions | schema-registry.viewer |
Creating namespaces | schema-registry.editor |
Creating schemas | schema-registry.editor |
Editing namespaces | schema-registry.editor |
Editing schemas | schema-registry.editor |
Deleting namespaces | schema-registry.editor |
Deleting schemas | schema-registry.editor |