Skip to main content
Each service account represents an application programmatically accessing StreamNative Cloud. You can manage application access to StreamNative Cloud by using service accounts. Permissions can be specified using ACLs and role bindings tied to a specific service account. ACLs and role bindings for service accounts are set by an administrator or another user with a similar role within the organization. Service accounts are an organization-level resource. Service accounts span the entire organization and can own API keys for many different resources, including development and production clusters. A typical use case has one team administering the StreamNative Cloud platform and issuing service accounts (with ACLs applied) to various application teams that use the data streaming platform. While service accounts cannot sign in to StreamNative Cloud Console, they can own any type of API keys that can be used for CLI or API access. Keep in mind the following:
  • Although users can leave or change roles within a company, applications continue to operate independently of the users, service accounts are especially useful in organizations requiring special identifiers for applications or services not be tied to a specific user.
  • You can create service accounts using any of the following methods:
When you delete a service account, all associated API keys will also be deleted. Any client applications using a deleted API key will lose access, which may cause an outage for your streaming application. Always confirm that none of the API keys owned by an account are in active use before deleting a service account.

Authentication Methods

Service accounts can authenticate to StreamNative Cloud using the following methods:
I