[
https://issues.apache.org/jira/browse/KAFKA-5690?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16109937#comment-16109937
]
Sanjoy Dasgupta commented on KAFKA-5690:
----------------------------------------
Yes, this will be really useful. If I created a “super-user type” principal
(not to be confused with the real super users described in server.properties)
and granted it all the privileges (READ, WRITE, DESCRIBE, CLUSTERACTION etc) on
all TOPICS, GROUPS and the CLUSTER, there should be some way to list the
privileges granted to that principal.
Rational is: Say we create the above ACL for the principal, this principal come
and produce/consume for all topics and groups, there should some way to list
which principal has these privileges, that support does not exist today in
Kafka. This is important for audit purposes
> kafka-acls command should be able to list per principal
> -------------------------------------------------------
>
> Key: KAFKA-5690
> URL: https://issues.apache.org/jira/browse/KAFKA-5690
> Project: Kafka
> Issue Type: Bug
> Components: core
> Affects Versions: 0.10.2.0, 0.11.0.0
> Reporter: Koelli Mungee
>
> Currently the `kafka-acls` command has a `--list` option that can list per
> resource which is --topic <topic> or --group <group> or --cluster. In order
> to look at the ACLs for a particular principal the user needs to iterate
> through the entire list to figure out what privileges a particular principal
> has been granted. An option to list the ACL per principal would simplify this
> process.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
