By clicking "Accept all cookies" you agree to have cookies stored on your device to improve site navigation, analyze site usage, and assist with our marketing efforts. See our privacy policy for more information.
DenyAccept
Blog
January 6, 2025
10 min

RBAC is now available for Public Preview with predefined roles

Sijie Guo
Co-Founder and CEO, StreamNative

We’re thrilled to announce that Role-Based Access Control (RBAC) is now available for Public Preview on StreamNative Cloud! This marks a significant step forward in our commitment to providing secure, streamlined, and enterprise-ready solutions for managing data streaming environments.

Why RBAC Matters in Data Streaming

In the world of enterprise software, ensuring the right people have the right level of access to critical resources is a cornerstone of security. RBAC has long been a trusted framework for achieving this, particularly when safeguarding sensitive data is paramount. But why is RBAC so essential in the context of data streaming?

In the early days of data streaming, the workflow was simple: someone requested a data topic, and it landed in a designated destination like a database or data warehouse. Fast forward to today, and the landscape is far more intricate:

  • Real-time data has become a business necessity.
  • Microservices have introduced new architectures and workflows.
  • Data topics are requested by multiple departments, often destined for diverse systems.

This explosion in real-time data demand has led to challenges like manual tracking systems (“secret master spreadsheets”), inefficiencies, and fragmented solutions.

With the rise of Apache Kafka, many organizations deployed isolated Kafka instances across teams, resulting in data silos. Recognizing these limitations, Apache Pulsar was designed with multi-tenancy at its core, enabling shared environments while maintaining security and organization.

Now, StreamNative is taking it a step further. With RBAC, we’re providing a secure, unified environment for managing access across multi-tenant deployments in Pulsar—ensuring your data streaming infrastructure is efficient and well-protected.

StreamNative RBAC: Predefined Roles for Simplified Access Management

To make adoption seamless, StreamNative offers predefined roles tailored to common use cases. These roles provide granular access controls, empowering teams to securely manage resources:

  • Org Admin (org-admin): Full administrative privileges for managing the entire organization.
  • Org Read Only (org-readonly): Read-only access for monitoring and auditing purposes.
  • Tenant Admin (tenant-admin): Full control over a specific tenant.
  • Tenant Read Only (tenant-readonly): Read-only access to tenant-level resources.
  • Topic Producer (topic-producer): Permissions to produce data to specified topics.
  • Topic Consumer (topic-consumer): Permissions to consume data from specified topics.

These predefined roles are designed to simplify setup while offering the flexibility to fine-tune permissions as needed.

RBAC vs. ACLs: Enhanced Flexibility

RBAC role bindings work seamlessly with Pulsar ACLs (Access Control Lists) to provide comprehensive access control. Permissions can be granted through ACLs, RBAC role bindings, or both. The system evaluates all granted permissions to determine access, offering:

  • Explicit Permissions: Users no longer have implicit Super Admin (Super User) access; they only have the permissions explicitly granted to them.
  • Granular Access: Apply ACLs or RBAC role bindings to principals (users or service accounts) for fine-grained control.
  • Combined Use: Use ACLs and RBAC role bindings together to meet complex access requirements.

For a deeper dive, explore our RBAC and ACL Documentation.

How to Enable RBAC

Ready to take control of your data streaming environment with RBAC? Enabling this feature is simple. Reach out to your account manager or our support team for assistance. We’re here to help you implement RBAC smoothly and effectively.

For additional details, check out the release notes.

Secure Your Data Streaming Environment Today

With RBAC on StreamNative Cloud, you can:

  • Enhance security by ensuring precise access control.
  • Streamline management of multi-tenant environments.
  • Improve operational efficiency with predefined roles and granular permissions.

Join the Public Preview and experience how RBAC can transform your data streaming operations. Get started today and empower your teams with the tools they need to succeed!

This is some text inside of a div block.
Button Text
Sijie Guo
Sijie’s journey with Apache Pulsar began at Yahoo! where he was part of the team working to develop a global messaging platform for the company. He then went to Twitter, where he led the messaging infrastructure group and co-created DistributedLog and Twitter EventBus. In 2017, he co-founded Streamlio, which was acquired by Splunk, and in 2019 he founded StreamNative. He is one of the original creators of Apache Pulsar and Apache BookKeeper, and remains VP of Apache BookKeeper and PMC Member of Apache Pulsar. Sijie lives in the San Francisco Bay Area of California.

Related articles

Show all
Blog
Dec 18, 2024
20 min

StreamNative’s 2024 Year in Review

StreamNative Cloud
Data Lakehouse
BYOC
Kafka
GenAI
Product Announcements
Blog
Dec 12, 2024
15 min

Data Platforms Optimized for the Cloud – the StreamNative and Snowflake Partnership

StreamNative Cloud
Data Lakehouse
Category
5 min read

Blog title heading will go here

Read more
Category
5 min read

Blog title heading will go here

Read more
Category
5 min read

Blog title heading will go here

Read more
Show all

Newsletter

Our strategies and tactics delivered right to your inbox

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Security