Loading
Acl stand for Access control list. Acls are added on resources like topics or group to provide authorization to producers or consumers. Acls can be added with specific parameters like operation or producer or consumer. Below I will provide few commands to add acls in different ways.
/bin/kafka-acls --authorizer-properties zookeeper.connect=localhost:2181 --add --allow-principal User:* --producer --topic testtopic --allow-host 10.11.22.111
OR by mentioning operations (Write is required for producer)
bin/kafka-acls --authorizer-properties zookeeper.connect=localhost:2181 --add --allow-principal User:* --operation Write --operation Describe --topic testtopic --allow-host 10.11.22.111
For multiple producer client hosts :
bin/kafka-acls --authorizer-properties zookeeper.connect=localhost:2181 --add --allow-principal User:* --producer --topic testtopic --allow-host 10.11.22.111 --allow-host 10.11.22.112
bin/kafka-acls --authorizer-properties zookeeper.connect=localhost:2181 --add --allow-principal User:* --topic testtopic --allow-host 10.11.22.113 --consumer --group=testconsumergroup
OR by mentioning operations (Read is required for producer)
bin/kafka-acls --authorizer-properties zookeeper.connect=localhost:2181 --add --allow-principal User:* --topic testtopic --allow-host 10.11.22.113 --operation Read --operation Describe --group=testconsumergroup
For multiple consumer client hosts :
bin/kafka-acls --authorizer-properties zookeeper.connect=localhost:2181 --add --allow-principal User:* --topic testtopic --allow-host 10.11.22.113 --allow-host 10.11.22.114 --consumer --group=testconsumergroup
For multiple consumer client hosts & groups :
bin/kafka-acls --authorizer-properties zookeeper.connect=localhost:2181 --add --allow-principal User:* --topic testtopic --allow-host 10.11.22.113 --allow-host 10.11.22.114 --consumer --group=testconsumergroup1 --group=testconsumergroup2