This is pluggable serde implementation for kafka-ui.
You can read about Glue Schema registry and how it can be applied for Kafka usage.
For the properties description and configuration example, please take a look at docker-compose file.
We use DefaultCredentialsProvider in tests, so one can configure env as described in its documentation. Authorized user should be able to create and delete Glue Schema registries and schemas.
Example:
mvn clean test -Daws.accessKeyId="..." -Daws.secretAccessKey="..."
For the serde to serialize and deserialize messages it needs the necessary permissions granted to the role/credentials being used.
These permissions can be granted against a wildcard resource to grant access for all registries and schemas in your account.
Example:
{
"Action": [
"glue:GetSchema",
"glue:GetSchemaVersion"
],
"Resource": [
"*"
],
"Effect": "Allow"
}
Or limit it to specific resources using their ARNs.
- registry:
arn:${Partition}:glue:${Region}:${Account}:registry/${RegistryName} - schema:
arn:${Partition}:glue:${Region}:${Account}:schema/${SchemaName}
Note schema names in the ARN are prefixed with registry name, so to grant permission for all schemas in a registry you can use ${RegistryName}/*
Example: for account 012345678 in eu-west-1 to grant access to all schemas in the registry myGlueRegistry the following policy is needed.
{
"Action": [
"glue:GetSchema",
"glue:GetSchemaVersion"
],
"Resource": [
"arn:aws:glue:eu-west-1:012345678:schema/myGlueRegistry/*",
"arn:aws:glue:eu-west-1:012345678:registry/myGlueRegistry/*",
"arn:aws:glue:eu-west-1:012345678:registry/myGlueRegistry"
],
"Effect": "Allow"
}