This page describes Roles in Lenses.
Lenses IAM is built around Roles. Roles contain policies and each policy defines a set of actions a user is allow to take.
Roles are then assigned to groups.
The Lenses policies are resource based. They are YAML based documents attached to a resource.
Each policy has:
Action
Resource
Effect
The action describes the action or verb that a user can perform. The format of the action is
For example to list topics in Kafka
For a full list of the actions see Permission Reference.
To allow all actions set '*'
To restrict access to resources, for example, only list topics being with red we can used use the resource field.
For a full list of the actions see Permission Reference.
To allow all actions set '*'
Effect is either allow the action on the resource or deny. If allow is not set the action will be denied and if any policy for a resource has a deny effect it takes precedence.
To Create Service Account go to IAM->Roles->New Role.
You can also manage Users via the CLI and YAML, for integration in your CI/CD pipelines.