Use the Confluent CLI with multiple credentials¶
You can provide restricted access to Confluent Cloud resources using the CLI by using
confluent context create command. This
command allows you to authenticate with Confluent Cloud using a Kafka API key and
secret pair instead of a user account.
Each authentication instance that you create is saved.
When you connect to a cluster using
confluent context create
you are limited to produce and consume. Topic management is not supported.
Create and log in to your environment by using the
confluent context createcommand, where
<context-name>is your environment name. This requires a Kafka API key and the bootstrap server URL of the Confluent Cloud environment.
The context-name here is basically the combination of a user and a server. For example, each of the following can be considered a different context:
Jane <> https://localhost:8090
David <> https://localhost:8090
David <> https://test-env:8090
Changing contexts is useful when you must switch back and forth between multiple CLI users, such as a super user and some other user with limited capabilities as defined by their RBAC role.
There are two Confluent CLI commands available to configure context:
- To select and configure an already-existing context, use the confluent context use command.
- To create a new context, use the confluent context create command when logging in to the Confluent CLI, as shown below. You must use a Kafka API key and secret for produce and/or consume (rather than your Confluent Cloud user credentials).
confluent context create <context-name> --bootstrap <kafka-cluster-url> --api-key <api-key> --api-secret <secret>
You can now produce or consume to your Confluent Cloud environment. For more information, see confluent kafka topic consume.