You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@kafka.apache.org by "Jiao Zhang (Jira)" <ji...@apache.org> on 2023/10/27 05:06:00 UTC

[jira] [Created] (KAFKA-15701) Allow use of user policy in CreateTopicPolicy

Jiao Zhang created KAFKA-15701:
----------------------------------

             Summary: Allow use of user policy in CreateTopicPolicy 
                 Key: KAFKA-15701
                 URL: https://issues.apache.org/jira/browse/KAFKA-15701
             Project: Kafka
          Issue Type: Improvement
            Reporter: Jiao Zhang


One use case of CreateTopicPolicy we have experienced is allow/reject topic creation by checking the user .

Especially for the secured cluster usage, we add acls to specific users for allowing topic creation. At the same time, we have the needs to design customized create topic policy for different users. For example, for user A, topic creation is allowed when partition number is within limit. For user B, we allow topic creation without check. As the kafka service provider, user A is imaged as random user of kafka service and user B is imaged as internal user for cluster management.

For this need, we patched our local fork of kafka by passing user principle in KafkaApis.

One place need to revise is here [https://github.com/apache/kafka/blob/834f72b03de40fb47caaad1397ed061de57c2509/core/src/main/scala/kafka/server/KafkaApis.scala#L1980]

As thinking it's natural to support this kind of usage even in upstream, I raised this Jira for asking community's ideas about this. 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)