Using Confluent Cloud Schema Registry in a VPC Peered Environment

If you have VPC peered environment and you want to use Confluent Cloud Schema Registry, you must open outbound calls (egress) to a public Schema Registry endpoint. This is because Confluent Cloud Schema Registry is a multi-tenant Schema Registry.

Prerequisites
  • Confluent Cloud Schema Registry is enabled and configured. For more information about supported features, see Confluent Cloud Schema Registry.
  • You must expose port 443 or otherwise manage a TCP-HTTPS(SSL/TLS) port forwarding scheme. This is required to access the managed Confluent Cloud Schema Registry.
  1. Click Schemas on the left-side panel. On step 2 you should see the Schema Registry endpoint. For example https//confluent.us-east-2.aws.confluent.cloud.

    ../_images/ccloud-sr-view.png
  2. Open outbound calls to the Confluent Cloud Schema Registry endpoint. Follow the instructions based on your cloud provider.

    Azure VPC

    Configure outbound call access for Azure networking components.

    AWS VPC

    Configure outbound call access for these AWS VPC networking components:

    GCP VPC

    Configure outbound call access for GCP networking components.

  3. Optional: Verify that your Schema Registry credentials are properly configured, where Schema Registry API key (<schema-registry-api-key>), API secret (<schema-registry-api-secret>), and endpoint (<schema-registry-url>) are specified.

    Run this command to authenticate with the cluster and list the topics registered in your schema.

    curl -u <schema-registry-api-key>:<schema-registry-api-secret> \
    <schema-registry-url>/subjects
    

    If no subjects are created, your output will be empty ([]). If you have subjects, your output should resemble:

    ["test2-value"]
    

    Here is an example command:

    curl -u <schema-registry-api-key>:<schema-registry-api-secret> \
    https://psrc-lq2dm.us-east-2.aws.confluent.cloud/subjects