Hi Viktor, Thanks for restarting the discussion on this KIP. Being able to easily audit usage of a Kafka cluster is a very valuable feature.
Regarding the API, I have a few of questions: 1) You introduced a start() method. I don't think any other interfaces have such a method. Users can do any setup they want in configure() 2) The first argument of audit is an AbstractRequest. Unfortunately this type is not part of the public API. But actually I'm not sure having the full request is really needed here. Maybe just passing the Apikey would be enough as we already have all the resources from the auditInfos field. 3) The KIP mentions a "LoggingAuditor" default implementation. What is it doing? Can you add more details about it? 4) Can fields of AuditInfo be null? I can see there's a constructor without an Errors and that sets the error field to None. However, with the builder pattern, if error is not set it's null. 5) Should AuditInfo be an interface? On Mon, Sep 14, 2020 at 3:26 PM Viktor Somogyi-Vass <viktorsomo...@gmail.com> wrote: > > Hi everyone, > > Changed the interface a little bit to accommodate methods better where > authorization happens for multiple operations so the implementer of the > audit interface will receive all authorizations together. > I'll wait a few more days to allow people to react or give feedback but if > there are no objections until then, I'll start a vote. > > Viktor > > On Tue, Sep 8, 2020 at 9:49 AM Viktor Somogyi-Vass <viktorsomo...@gmail.com> > wrote: > > > Hi Everyone, > > > > I'd like to restart the discussion on this. Since the KIP has been > > revamped I thought I'd start a new discussion thread. > > > > Link: > > https://cwiki.apache.org/confluence/display/KAFKA/KIP-567%3A+Kafka+Cluster+Audit > > > > Short summary: > > - Would like to introduce a new interface similar to the Authorizer called > > Auditor as follows: > > public interface Auditor { > > audit(Request r, AuthorizableRequestContext c, AclOperation > > o, Map<ResourcePattern, Boolean> isAllowed, Map<ResourcePattern, Errors> > > errors); > > } > > - Basically it would pass down the request and the authorization > > information to the auditor implementation where various kind of reporting > > can be done based on the request. > > - A new config would be added called "auditor" which is similar to the > > "authorizer" config, but users can pass a list of auditor class names. > > - The implementation is expected to be low latency similarly to the > > Authorizer. > > - A default implementation will be added that logs into a file. > > > > I appreciate any feedback on this. > > > > Best, > > Viktor > >
