ACLs
Kpow provides a complete management interface to Kafka ACLs.
All ACL actions (create, clone, delete) are recorded in the Kpow Audit log.
Prerequisites
- You have setup the correct access control permissions in Kpow to allow
ACL_EDIT. See: User Authorization. - You have setup the correct Kafka ACLs if you have enabled ACLs in your Kafka cluster. See: Minimum ACL Permissions.
Managing ACLs
You can find an overview of your cluster’s ACLs in the Brokers > ACLs tab.
It contains four tables to help you manage ACLs:
- Principals
- Hosts
- Resources
- Controls
ACL actions
Clicking the actions button on any row in an ACL table will give you a popup of available actions:
- Clone ACL: Allows you to clone at the control, resource, host, or principal level.
- Delete ACL: Allows you to delete ACLs at the control, resource, host, or principal level.
The example below shows how to clone all ACLs related to the principal user:derek to another principal, user:tom.
Creating ACLs
You can also create a new ACL by clicking the New ACL button. Fill out the form fields, then click Create ACL to submit.
Topics + Consumers ACL management
ACL management is also available from the Topics and Consumers pages.
For example, in the Topics > ACLs tab, you can filter by a topic to view all associated ACLs in the Topic ACLs table. Each row offers actions such as Clone ACL and Delete ACL. To add a new ACL for the topic, click the Create Topic ACL button.
The Consumers page provides the same functionality for managing group ACLs.