The issues concerns connect-clusters objects and, more specifically, permissions management.
Owners of Connect clusters can authorize other namespaces to deploy connectors on their own Connect clusters by giving an ACL with the WRITE permission to the grantees.
But grantees cannot use AES 256 encryption.
To Reproduce
Steps to reproduce the behavior:
Create a namespace (firstNamespace) with :
One connect-cluster (with AES configuration)
ACL to declare that the namespace is the owner of the connect-cluster
Create another namespace (secondNamespace)
On firstNamespace: Create ACL to give WRITE permission to connect-cluster of secondNamespace
On secondNamespace:
It's possible to deploy a connector in the connect-cluster of firstNamespace but it's not possible to use AES256 encryption.
So the secondNamespace can't secure your secrets.
Expected behavior
Owners of Connect clusters can authorize other namespaces to deploy connectors on their own Connect clusters by giving an ACL but now as a grantees I want to be able to encrypt secret on a connector with the configuration AES of the connect-cluster.
Environment (please complete the following information):
Kafkactl distribution and version v1.11.3
If known:
Ns4Kafka version: v1.11.9
Kafka broker type and version [Confluent Platform, v7.5.4]
Describe the bug
The issues concerns connect-clusters objects and, more specifically, permissions management. Owners of Connect clusters can authorize other namespaces to deploy connectors on their own Connect clusters by giving an ACL with the WRITE permission to the grantees. But grantees cannot use AES 256 encryption.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Owners of Connect clusters can authorize other namespaces to deploy connectors on their own Connect clusters by giving an ACL but now as a grantees I want to be able to encrypt secret on a connector with the configuration AES of the connect-cluster.
Environment (please complete the following information):
If known: