akselh
commented
3 years ago @purbon , is this a change you agree would be good to have in KTB? Something to prioritize? How do you think about it?
Would possibly be a breaking change.
Closed akselh closed 3 years ago
akselh
commented
3 years ago @purbon , is this a change you agree would be good to have in KTB? Something to prioritize? How do you think about it?
Would possibly be a breaking change.
purbon
commented
3 years ago yes, I like it. We can add it in a way that is backwards compatible for now.
--allowDelete: Allow delete All. --allowDeleteTopic: Allow only delete of topics --allowDeleteAcls: Allow only delete of acks
I plan to release a 1.0 very soon, so I guess we can add this even in a backwards imcompatible way for 2.0.
What do you think?
akselh
commented
3 years ago Hehe. After yet another night sleeping on it: yes, I think your suggestion is a good one.
As an admin of a Kafka cluster I only want to allow deletion of acls with KTB to avoid havoc in the case of a topic renamed/removed from topology by a mistake.
Today the --allowDelete will open for deletion of both topics and acls. Deletion of a topic in production by a mistake will cause serious havoc, with recovery not possible after deletion process in Kafka have started. Even with a review process for changes to topologies it would be better to be able to disallow deletion of topics all together.
Deletion of acls by mistake will have less serious consequences, as these can easily be re-created.
I propose to support this by splitting the --allowDelete option into --allowDeleteTopic and --allowDeleteAcl.