paoloambrosio-skyuk
commented
6 years ago Feel free to come up with a proposal (here) for how it would work.
Closed josefelixh closed 5 years ago
paoloambrosio-skyuk
commented
6 years ago Feel free to come up with a proposal (here) for how it would work.
josefelixh
commented
6 years ago So in order to open the discussion I'd propose the add an acls section to the topic configuration
topic1:
partitions: 10
replication: 3
config:
cleanup.policy: compact
delete.retention.ms: 86400000
min.compaction.lag.ms: 21600000
retention.ms: 0
min.insync.replicas: 3
acls:
add:
- user: user1
group: "*"
consumer: false
producer: true
- user: user2
group: "*"
consumer: false
producer: true
topic2:
partitions: 5
replication: 2
config:
cleanup.policy: delete
delete.retention.ms: 0
retention.ms: 604800000
min.insync.replicas: 2
acls:
add:
- user: "*"
group: "*"
consumer: true
producer: true
deny:
- user: user1
group: "*"
consumer: true
producer: truewould the above be acceptable?
paoloambrosio-skyuk
commented
6 years ago I don't think it would work. Everything under config is what you would pass to kafka-topics command line with --config. Moving it one level up would work:
topic2:
partitions: 5
replication: 2
config:
...
acls:
...I am closing this issue in favour of https://github.com/simplesteph/kafka-security-manager... there is already a tool for managing ACLs for Kafka.
A nice addition would be to add ACLs management for topics. This is something I or my team will be happy contributing.