Granular permissions by cluster

Granular permissions by cluster

1 Topic Permissions

Once the topic prefix to be used has been identified, we will assign the required permissions to Smart Gateway.
We will start by configuring permissions for Topics.

The required permissions are:

  • DeveloperWrite
  • DeveloperRead
  • DeveloperManage

These permissions are required to allow Smart Gateway to create, read, write, and manage the topics it generates.



2 Consumer Group Permissions

In the Consumer Groups section, we will add the prefix that Smart Gateway will use.

Only the following permission is required:

  • DeveloperRead

This permission allows Smart Gateway to consume messages from the configured consumer groups.


3 Schema Registry Permissions

Finally, we will assign permissions in the Schema Registry, which is responsible for managing and creating the AVRO schemas used by the topics.

The required permissions are:

  • DeveloperRead
  • DeveloperWrite

These permissions allow Smart Gateway to register, read, and update AVRO schemas as needed.



    • Related Articles

    • Optional Configurations - Configuring the Producer Ingress Cluster & Internal Load Balance Creation

      Configuring the Producer Ingress Cluster (OPTIONAL) Note: This step is only required if, during the deployment creation, the environment variable "KUBERNETES_ISINGRESSACTIVE" in the builder-deployment.yaml manifest was set to true. Navigate to the ...

    • Azure - One Connect Deployment Prerequisites

      Before you Begin: The following deployment manuals assumes a basic understanding of Kubernetes concepts. For more information, refer to Kubernetes core concepts for Azure Kubernetes Service (AKS). Before you begin: If you don't have an Azure account, ...

    • AWS - EKS EC2 One Connect Deployment Manual with Terraform

      This manual provides step-by-step instructions for deploying an Amazon EKS (Elastic Kubernetes Service) cluster using Terraform. It includes the configuration of essential components such as AWS credentials, infrastructure provisioning, EBS CSI ...

    • Azure - OneConnect Deployment and Configuration

      One Connect Platform: Kubernetes Azure Deployment Manual for Private Network This manual outlines the steps required to deploy the One Connect system on a Kubernetes cluster within a Private Network (meaning the OneConnect Platform will not be ...

    • How to connect Kubectl to BTP Kyma environment using AWS EC2

      Overview This guide walks through the steps required to connect kubectl to a BTP Kyma environment using an AWS EC2 instance as the intermediary host. Prerequisites EC2 instance running Amazon Linux. pem key file for the EC2 instance (e.g., ...