Skip to content

Latest commit

 

History

History
130 lines (86 loc) · 3.77 KB

kafka-admin-AclCommand.adoc

File metadata and controls

130 lines (86 loc) · 3.77 KB

AclCommand Administration Utility

Table 1. Options
Option Description

add

Adding ACLs

allow-host

Host from which principals listed in --allow-principal will have access

* indicates access allowed from all hosts

deny-host

Host from which principals listed in --deny-principal will be denied access

* indicates access denied from all hosts

allow-principal

Principal is in principalType:name format

authorizer

Fully-qualified class name of the Authorizer

authorizer-properties

(required) key=val pairs to configure the authorizer

bootstrap-server

(required) Brokers to connect to as a comma-separated list of host:port URLs

cluster

Add/Remove cluster ACLs

command-config

Property file with configs to be passed to Admin Client

consumer

Convenience option to add/remove ACLs for consumer role that generates ACLs that allow READ,DESCRIBE on topic and READ on group

delegation-token

Delegation token to which ACLs should be added or removed

* indicates all tokens

deny-principal

Principal is in principalType:name format

force

Assume Yes to all queries and do not prompt

group

Consumer Group to which the ACLs should be added or removed

* indicates all groups

help

Prints usage information

idempotent

Enables idempotence for the producer

Used in combination with the --producer option

Idempotence is enabled automatically if the producer is authorized to a particular transactional-id

list

List ACLs for the specified resource

Use --topic, --group or --cluster to specify a resource

operation

Operation that is being allowed or denied

Default: All

Supported operations:

  • All

  • Alter

  • AlterConfigs

  • ClusterAction

  • Create

  • Delete

  • Describe

  • DescribeConfigs

  • IdempotentWrite

  • Read

  • Write

principal

List ACLs for the specified principal (in principalType:name format)

producer

Convenience option to add/remove ACLs for producer role that generates ACLs that allow WRITE,DESCRIBE and CREATE on topic

remove

Removing ACLs

resource-pattern-type

Type of the resource pattern or pattern filter

Default: literal

  • When adding acls, this should be a specific pattern type, e.g. 'literal' or 'prefixed'.

  • When listing or removing acls, a specific pattern type can be used to list or remove acls from specific resource patterns, or use the filter values of 'any' or 'match', where 'any' will match any pattern type, but will match the resource name exactly, where as 'match' will perform pattern matching to list or remove all acls that affect the supplied resource(s).

Warning
 Use with care with 'match' and --remove option.

topic

Topic to which ACLs should be added or removed

* indicates all topics

transactional-id

The transactionalId to which ACLs should be added or removed

* indicates all transactionalIds

version

Displays Kafka version