Prepare credentials and permission in Kafka

Certain credentials and permission are required for Validio to validate your data:

A service account with access and permissions to the specific Kafka clusters. For more information, refer to Kafka security documentationand Confluent: Kafka SASL/PLAIN authentication.

Authentication methods for Source config

You can select either Kafka SSL Certificate or SASL Plain Credential as authentication method for your Kafka clusters.

Field	Description	Options
Credential type	Select an authentication method.	Kafka SSL Credential SASL Plain Credential

The Kafka SSL Credential requires the following parameters and certificates:

Field	Description
Name	Identifier for the credentials. Used when accessing Sources.
Bootstrap server	The address of Kafka load balancer or Kafka cluster address. Use a comma to separate multiple addresses.
CA certificate	A certificate of Certificate authority (CA) in CRT format.
Client certificate	Client SSL certificate in PEM format.
Client private key	Private keys of client certificate in PEM format.
Client private key password	Password or passphrase of private keys for the client certificate.

You can either provide the certificates and client private key as plain text or upload the files.

The Kafka SASL SSL Plain Credential uses TLS/SSL as transport layer and requires the following parameters and certificates:

Field	Description
Name	Identifier for the credentials. Used when accessing Sources.
Bootstrap server	The address of Kafka load balancer or Kafka cluster address. Use a comma to separate multiple addresses.
Username	Username for the SASL Plain Credential.
Password	Password for the SASL Plain Credential.

Field	Description
Name	Identifier for the Source. Used when setting up Validators.
Cluster	Name of the Kafka cluster to read data from.
Message format	JSON, AVRO, or PROTOBUF
Message schema	For JSON, Validio automatically infers the schema. For AVRO and PROTOBUF, you can upload schemas. For more information, see Data Stream Sources.