Skip to main content
This page provides a comprehensive reference for all configuration parameters available when creating a Kafka source or table in RisingWave using the WITH clause of a CREATE SOURCE or CREATE TABLE statement.

Basic connection parameters

These parameters are typically required to establish a basic connection to your Kafka cluster.

Data consumption options

These parameters control how RisingWave consumes data from the Kafka topic. scan.startup.mode only applies to streaming jobs, such as when building a table or creating a materialized view on a Kafka source. When directly querying a source, RisingWave will always read from the earliest available messages. For more information about querying sources, see Querying a source.

General Kafka properties

These parameters provide additional control over the Kafka consumer behavior. Most correspond to standard Kafka configuration properties, and for those, the RisingWave parameter name is prefixed with properties. For detailed explanations of these parameters, refer to the official librdkafka configuration documentation.

Security (TLS/SSL and SASL)

RisingWave supports connecting to Kafka clusters secured with TLS/SSL encryption and/or SASL authentication. See the main Connect to Kafka guide for detailed examples. The following table summarizes the parameters used for configuring security:

Format and encoding options

These parameters are used with FORMAT and ENCODE to specify how RisingWave should interpret the data in your Kafka messages. See Data formats and encoding options for details on available formats and encodings.
In RisingWave Cloud, AWS credentials (access_key, secret_key or aws.credentials.*) are required and cannot be omitted. In self-hosted deployments, you may omit them to rely on the AWS SDK default credential chain (for example, EC2 instance profile or environment variables).

Use AWS Glue Schema Registry

PREMIUM FEATUREThis is a premium feature. For a comprehensive overview of all premium features and their usage, please see RisingWave premium features.
AWS Glue Schema Registry is a serverless feature of AWS Glue that allows you to centrally manage and enforce schemas for data streams, enabling data validation and compatibility checks. It helps in improving the quality of data streams by providing a central repository for managing and enforcing schemas across various AWS services and custom applications. You can specify the following configurations in the FORMAT PLAIN ENCODE AVRO (...) or FORMAT UPSERT ENCODE AVRO (...) clause to read schemas from Glue. Auth-related configurations: ARN to the schema:
Example
If your Kafka cluster is in a different VPC and you’re using AWS PrivateLink for connectivity, you’ll need to specify these parameters:

Examples

The following examples show how to align properties.bootstrap.server, privatelink.endpoint, and privatelink.targets: Multiple endpoints (1:1 mapping) privatelink.endpoint is a JSON array and must align 1:1 by order with the addresses in properties.bootstrap.server. The privatelink.targets port list must also align by order.
The JSON arrays map 1:1 to the broker addresses in properties.bootstrap.server by position. Single endpoint You can specify a single value for privatelink.endpoint. RisingWave automatically applies this endpoint to all broker addresses in properties.bootstrap.server. The privatelink.targets port list must still align by order. This works whether brokers are in the same AZ or in different AZs, as long as the endpoint supports cross-AZ routing without restrictions.
The single privatelink.endpoint is automatically applied to all addresses.

AWS MSK Configuration

For connecting to Amazon Managed Streaming for Apache Kafka (MSK), please see Access MSK in RisingWave for more details.