strimzi / strimzi-kafka-operator

Apache Kafka® running on Kubernetes
https://strimzi.io/
Apache License 2.0

[Question] ... What is the use of strimzi.properties and how editing it helps for the Kafka cluster. #3001

Closed vperi1730 closed 4 years ago

vperi1730 commented 4 years ago

All - I have a question on the strimzi.properties file as part of the Kafka ACL authorization use case.

As part of the super.users property, if I am trying to add localhost and root as one of the SU, will these changes automatically get applied to all the Kafka broker nodes? I have attempted it for adding a new user and I see ClusterAuthorizationException as below.

User Addition Command:

```
./bin/kafka-acls.sh \
  --bootstrap-server ip:port \
  --add \
  --allow-principal User:CN=producer \
  --operation Write \
  --topic '*' \
  --command-config /tmp/root.properties
```

Error:

```
org.apache.kafka.common.errors.ClusterAuthorizationException: Request Request(processor=0, connectionId=127.0.0.1:9093-127.0.0.1:62402-0, session=Session(User:CN=localhost,/127.0.0.1), listenerName=ListenerName(SSL), securityProtocol=SSL, buffer=null) is not authorized.
```

scholzj commented 4 years ago

The strimzi.properties file in /tmp is only a temporary file used to start the broker and for nothing else. If you wanna manage the ACLs, you can do it either using the User Operator and KafkaUser resources, or you can do it yourself using kafka-acls.sh. In that case you should disable the User Operator and use the Kafka listeners as you would from any other application to, for example, consume or produce messages.
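
The KafkaUser route mentioned in the reply, as an added example that is not part of the original thread or the project's own manifests: a declarative equivalent of the `kafka-acls.sh` command in the question. The cluster name `my-cluster`, the user name `producer` and the `kafka.strimzi.io/v1beta2` API version are assumptions; use the version your installed CRDs serve.

```yaml
# Added example (assumed names: my-cluster, producer).
# The User Operator reconciles this resource: it issues a TLS client
# certificate with CN=producer and creates the matching ACL, so nothing
# has to be edited inside the broker pods.
apiVersion: kafka.strimzi.io/v1beta2   # assumption: match your installed CRD version
kind: KafkaUser
metadata:
  name: producer                        # becomes principal User:CN=producer
  labels:
    strimzi.io/cluster: my-cluster      # assumption: name of the Kafka resource
spec:
  authentication:
    type: tls                           # client certificate stored in a Secret named "producer"
  authorization:
    type: simple                        # requires simple authorization enabled on the brokers
    acls:
      # Mirrors: --allow-principal User:CN=producer --operation Write --topic '*'
      - resource:
          type: topic
          name: "*"                     # literal "*" matches every topic
          patternType: literal
        operation: Write
        host: "*"
```

Apply it with `kubectl apply -f` in the namespace the User Operator watches; the client then connects through a TLS listener using the certificate from the generated Secret.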