CONFLUENT PLATFORM
The Schema Registry security plugin provides authorization for operations on schemas for subjects, which correspond to Kafka topics.
The supported operations and corresponding Schema Registry URIs are listed here. These apply to both role-based access control (RBAC) and ACL authorization.
Tip
You can use both RBAC and ACLs together or independently. Both methods of access control have their strengths and use cases. To learn more, see RBAC and ACLs in the RBAC overview.
GET
/subjects/(string: subject)/versions
/subjects/(string: subject)/versions/
POST
/subjects/(string: subject)
/compatibility/subjects/(string: subject)/versions/(versionId: version)
DELETE
/subjects/(string: subject)/versions/(versionId: version)
/schemas/ids/{int: id}
/config/(string: subject)
PUT
/config
/subjects
For more information on these operations, see the Schema Registry API.
Incoming requests are mapped to a Schema Registry Operation as outlined in above table, after which the request is authorized using the configured authorizer.
The implementation used to authorize Schema Registry requests. This needs to be an implementation of the SchemaRegistryAuthorizer interface.
SchemaRegistryAuthorizer
These Schema Registry authorizers are provided natively.