Posted to users@kafka.apache.org by Calvin Chen <pi...@hotmail.com> on 2021/06/09 13:41:36 UTC

Question about Kafka ACL

Hi all

I have a question about Kafka ACLs: is it possible to restrict users' access to a topic?

For example, person-a created kafka-user-a and granted kafka-user-a access to topic-a. Person-b knows there is a topic-a, but he doesn't know the credentials to access topic-a via kafka-user-a, so he created kafka-user-b and granted kafka-user-b access to topic-a. In this case person-b is able to read messages from topic-a. How do we make sure topic-a is accessible only by kafka-user-a of person-a?

Thanks
Calvin

Re: Question about Kafka ACL

Posted by Shilin Wu <sh...@confluent.io.INVALID>.
You should investigate why person-b can create users and grant ACLs.

Here might be some good reading on ACL-related setup:
https://docs.confluent.io/platform/current/kafka/authorization.html

Wu Shilin
Solution Architect


On Wed, Jun 9, 2021 at 9:42 PM Calvin Chen <pi...@hotmail.com> wrote:

> Hi all
>
> I have a question about Kafka ACLs: is it possible to restrict users'
> access to a topic?
>
> For example, person-a created kafka-user-a and granted kafka-user-a
> access to topic-a. Person-b knows there is a topic-a, but he doesn't know
> the credentials to access topic-a via kafka-user-a, so he created
> kafka-user-b and granted kafka-user-b access to topic-a. In this case
> person-b is able to read messages from topic-a. How do we make sure topic-a
> is accessible only by kafka-user-a of person-a?
>
> Thanks
> Calvin
>
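
An added example, not part of the original thread and not Kafka's own tooling: a small Python audit of `kafka-acls --list` output that flags any principal outside an allow-list that can read topic-a or holds Alter on the Cluster resource, the permission needed to create ACLs. The listing is a constructed sample whose layout is assumed to match recent Kafka releases, and User:admin and User:kafka-user-c are hypothetical names.

```python
import re

# Constructed sample, assumed to follow the layout `kafka-acls --list` prints.
SAMPLE = """\
Current ACLs for resource `ResourcePattern(resourceType=CLUSTER, name=kafka-cluster, patternType=LITERAL)`:
 \t(principal=User:admin, host=*, operation=ALTER, permissionType=ALLOW)
 \t(principal=User:kafka-user-b, host=*, operation=ALTER, permissionType=ALLOW)

Current ACLs for resource `ResourcePattern(resourceType=TOPIC, name=topic-a, patternType=LITERAL)`:
 \t(principal=User:kafka-user-a, host=*, operation=READ, permissionType=ALLOW)
 \t(principal=User:kafka-user-b, host=*, operation=READ, permissionType=ALLOW)

Current ACLs for resource `ResourcePattern(resourceType=TOPIC, name=topic-, patternType=PREFIXED)`:
 \t(principal=User:kafka-user-c, host=*, operation=READ, permissionType=ALLOW)
"""

RES = re.compile(r"resourceType=(\w+), name=([^,]+), patternType=(\w+)")
ACL = re.compile(r"principal=([^,]+), host=[^,]+, operation=(\w+), permissionType=(\w+)")

def parse_acls(text):
    """Yield (resource_type, name, pattern_type, principal, operation, permission)."""
    resource = None
    for line in text.splitlines():
        if m := RES.search(line):
            resource = m.groups()
        elif resource and (m := ACL.search(line)):
            yield (*resource, *m.groups())

def covers(name, pattern_type, topic):
    """True if a topic ACL pattern applies to `topic` (literal, wildcard or prefix)."""
    if pattern_type == "PREFIXED":
        return topic.startswith(name)
    return name in (topic, "*")

def audit(text, topic, allowed):
    """Return (principal, reason) for every ALLOW rule held outside `allowed`."""
    findings = []
    for rtype, name, ptype, principal, op, perm in parse_acls(text):
        if perm != "ALLOW" or principal in allowed:
            continue
        if rtype == "CLUSTER" and op in ("ALTER", "ALL"):
            findings.append((principal, "can create ACLs (Alter on Cluster)"))
        elif rtype == "TOPIC" and op in ("READ", "ALL") and covers(name, ptype, topic):
            findings.append((principal, f"can read {topic}"))
    return findings

if __name__ == "__main__":
    for principal, reason in audit(SAMPLE, "topic-a", {"User:kafka-user-a", "User:admin"}):
        print(principal, reason)
```

The broker's `super.users` and `allow.everyone.if.no.acl.found` settings grant access without appearing in this listing, so check them alongside it.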