Service roles for managing data schemas using Schema Registry
With Schema Registry service roles, you can view namespaces, subjects, and schemas in a schema registry, as well as create, edit, and delete namespaces and schemas.
schema-registry.auditor
The schema-registry.auditor role enables viewing information on namespaces.
schema-registry.viewer
The schema-registry.viewer role enables viewing info on schemas and namespaces and comparing schema versions.
This role also includes the schema-registry.auditor permissions.
schema-registry.editor
The schema-registry.editor role enables managing schemas and namespaces.
Users with this role can:
- View info on schemas, create, modify, and delete them, and compare schema versions.
- View info on namespaces and create, modify, and delete them.
This role also includes the schema-registry.viewer permissions.
schema-registry.admin
The schema-registry.admin role enables managing Schema Registry, as well as schemas and namespaces.
Users with this role can:
- View info on schemas, create, modify, and delete them, and compare schema versions.
- View info on namespaces and create, modify, and delete them.
This role also includes the schema-registry.editor permissions.
What roles do I need
The table below lists the roles required to perform a particular action. You can always assign a role offering more permissions than the one specified. For instance, you can assign editor instead of viewer.
| Action | Required roles |
|---|---|
| Viewing namespaces | schema-registry.auditor |
| Viewing subjects | schema-registry.viewer |
| Viewing schemas | schema-registry.viewer |
| Comparing schema versions | schema-registry.viewer |
| Creating namespaces | schema-registry.editor |
| Creating schemas | schema-registry.editor |
| Editing namespaces | schema-registry.editor |
| Editing schemas | schema-registry.editor |
| Deleting namespaces | schema-registry.editor |
| Deleting schemas | schema-registry.editor |