Kstreams how to restrict creating intermediate topics
Question
操作团队是否可以限制应用程序团队在kafka集群上创建kafka流中间主题?
1 answers
solution1
0 2019-03-14 22:05:56
Kafka provides authorisation mechanisms and more precisely, a pluggable Authorizer . You can either use the simple Authorizer implementation which is provided by Kafka by including the following configuration in server.properties
authorizer.class.name=kafka.security.auth.SimpleAclAuthorizer
or you can create your own class that implements Authorizer Interface. Again, you'd need to provide the authorizer.class.name in server.properties broker configuration file.
When an authorizer is configured, access to resources is limited to Super Users and therefore if a resource has no associated ACLs, then the access is restricted only to these Super Users. In order to define super users, you simply need to include them in the server.properties configuration;
super.users=User:Bob;User:Alice
This is the default behaviour, and can be amended by including the following configuration in server.properties file
allow.everyone.if.no.acl.found=true
that essentially enables access to every user when no ACLs are configured.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.