Unable to switch role for accessing Glue Schema Registry

[olivd4400]

Hello,

With Amazon MSK Library for AWS Identity and Access Management, it is possible to switch role for accessing MSK cluster (https://github.com/aws/aws-msk-iam-auth?tab=readme-ov-file#specifying-an-aws-iam-role-for-a-client)

security.protocol=SASL_SSL sasl.mechanism=AWS_MSK_IAM #sasl.jaas.config=software.amazon.msk.auth.iam.IAMLoginModule required; sasl.jaas.config=software.amazon.msk.auth.iam.IAMLoginModule required awsRoleArn="arn:aws:iam::xxxxxx:role/msk_client_role" awsRoleSessionName="test-msk" ; sasl.client.callback.handler.class=software.amazon.msk.auth.iam.IAMClientCallbackHandler

This is working fine for Kafka access. Permissions that are checked within kakfa Ui for listing brokers, topics, ... are permissions attached to "msk_client_role" (endossed role)

However this SASL config awsRoleArn has no effect on the serde. Permissions that apply are the one attached to the logged user. Obvisously SASL config apply only to kafka-ui, not to the serde.

Would it be possible for the serde to swith to a specific role that allows Glue Schema Registry Access?

Thanks in advance,
Olivier

[Haarolean]

Hi, this repo is not maintained (provectus/kafka-ui#4255)
Happy to see your bug reports here: https://github.com/kafbat/ui-serde-glue