Service Accounts for StreamNative Cloud

Each service account represents an application programmatically accessing StreamNative Cloud.

You can manage application access to StreamNative Cloud by using service accounts. Permissions can be specified using ACLs and role bindings tied to a specific service account. ACLs and role bindings for service accounts are set by an administrator or another user with a similar role within the organization.

Service accounts are an organization-level resource.

Service accounts span the entire organization and can own API keys for many different resources, including development and production clusters. A typical use case has one team administering the StreamNative Cloud platform and issuing service accounts (with ACLs applied) to various application teams that use the data streaming platform. While service accounts cannot sign in to StreamNative Cloud Console, they can own any type of API keys that can be used for CLI or API access. Keep in mind the following:

• Although users can leave or change roles within a company, applications continue to operate independently of the users, service accounts are especially useful in organizations requiring special identifiers for applications or services not be tied to a specific user.

• You can create service accounts using any of the following methods:

  • StreamNative Cloud Console: When creating service accounts using StreamNative Cloud Console, you can create API keys for the service account.
  • StreamNative CLI command snctl create serviceaccount.
  • StreamNative Cloud API
  • StreamNative Terraform Provider

Authentication Methods

Service accounts can authenticate to StreamNative Cloud using the following methods:

• Use OAuth to Authenticate to StreamNative Cloud
• Use API Keys to Authenticate to StreamNative Cloud