Giters

kafka-ops / julie

A solution to help you build automation and gitops in your Apache Kafka deployments. The Kafka gitops!

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Support for ACL host

qzhang1995 opened this issue · comments

commented

I am trying to set up ACL for host using custom JulieRoles (suggested by issue #519),
Current ACLs for resource ResourcePattern(resourceType=TOPIC, name=test-topic, patternType=LITERAL):
(principal=User:ANONYMOUS, host=100.64.1.2, operation=WRITE, permissionType=ALLOW)

  1. In the roles.yaml , i set up the custom role, we are using confluent platform.

roles:

  • name: "hostACL"
    acls:
    • resourceType: "Topic"
      resourceName: "test-topic"
      patternType: "LITERAL"
      host: "100.64.1.2"
      role: "DeveloperWrite"
  1. Assign the custom role in topology.yaml

projects:

  • name: "Atest"
    hostACL:
    • principal: "User:ANONYMOUS"
  1. But in the julie ACL execution log and it has wildcard value "host" : "".
    {
    "Operation" : "com.purbon.kafka.topology.actions.access.CreateBindings",
    "Bindings" : [ {
    "resourceType" : "TOPIC",
    "resourceName" : "test-topic",
    "host" : "    ",
    "operation" : "DeveloperWrite",
    "principal" : "User:ANONYMOUS",
    "pattern" : "LITERAL",
    "scope" : {
    "clusters" : {
    "kafka-cluster" : "***"
    },
    "resources" : [ {
    "name" : "test-topic",
    "patternType" : "LITERAL",
    "resourceType" : "Topic"
    } ]
    }
    } ]
    }

this is in the ACL list in the end of the julieOps execution log
'TOPIC', 'test-topic', '*', 'DeveloperWrite', 'User:ANONYMOUS', 'LITERAL'

Is it possible to set up ACL for Hosts? thanks.