confluentinc / terraform-provider-confluent

Terraform Provider for Confluent
Apache License 2.0

Ability to manage Schema Registry ACLs #264

Open jmjesperson opened 1 year ago

jmjesperson commented 1 year ago

Similar to managing Kafka cluster ACLs in Terraform with the resource confluent_kafka_acl.

I want the ability to manage Schema Registry Cluster ACLs via Terraform. Currently, the only way I can manage these is via the Confluent Cloud UI or Schema Registry ACL Authorizer.

0angelic0 commented 1 year ago

+1

Just encountered the issue. Could not find a way to manage Schema Registry ACLs from the doc (https://registry.terraform.io/providers/confluentinc/confluent/latest/docs/resources/confluent_api_key) after creating a service account and a Schema Registry API key. Then found this GitHub issue.

jmjesperson commented 1 year ago

> +1
>
> Just encountered the issue. Could not find a way to manage Schema Registry ACLs from the doc (https://registry.terraform.io/providers/confluentinc/confluent/latest/docs/resources/confluent_api_key) after creating a service account and a Schema Registry API key. Then found this GitHub issue.

My workaround has been to use Role Binding -> https://registry.terraform.io/providers/confluentinc/confluent/latest/docs/resources/confluent_role_binding

nickatnight commented 1 year ago

Is Role Binding still limited to basic clusters? From the docs:

> Note: Basic Kafka cluster with authorization using RBAC configuration is not supported, because both DeveloperRead and DeveloperWrite roles are not available for Basic Kafka clusters.

skippaDaBitFlippa commented 9 months ago

> +1
>
> Just encountered the issue. Could not find a way to manage Schema Registry ACLs from the doc (https://registry.terraform.io/providers/confluentinc/confluent/latest/docs/resources/confluent_api_key) after creating a service account and a Schema Registry API key. Then found this GitHub issue.
>
> My workaround has been to use Role Binding -> https://registry.terraform.io/providers/confluentinc/confluent/latest/docs/resources/confluent_role_binding

Do you still have to create a separate API key for that service account to access the schema registry? What credentials do you use when the role binding has been created for a service account?