search

kafka-ops / julie

A solution to help you build automation and gitops in your Apache Kafka deployments. The Kafka gitops!
MIT License
418 stars 113 forks source link

RBAC - Optimize ACLs should add PREFIXED bindings for schema registry #512

Closed damien-malescot closed 2 years ago

damien-malescot commented 2 years ago

Is your feature request related to a problem? Please describe. When optimize acls is set in configure file like this : topology.acls.optimized=true

Schema registry bindings are are not using this property.

Describe the solution you'd like With optimize ACL and this topology file : 

context: "DEV"
source: "test"
projects:
  - name: "project"
    schemas:
      - principal: "Group:CONSUMER_READ"
        role: DeveloperRead

JulieOps should create schema registry's bindings like this : DEV.test.project.* / PREFIXED / Group:CONSUMER_READ / DeveloperRead

In fact, in optimize mode it seem consistent that principal would access to all schemas under the prefix. Otherwise it's very boring to declare each schemas in "schemas" section.

Thanks

purbon commented 2 years ago

Closed with d222e8366d7228a5f1e82534d940bd72e6202808