We need to give Describe/Write privileges for producer user and Describe/Read privileges for the consumer user. While using kafka-acls.sh script, you can use "--producer/--consumer" options to give a user producer or consumer privileges.
You can find examples here: https://kafka.apache.org/documentation/#security_authz_examples On Wed, Jun 28, 2017 at 9:00 PM, Meghana Narasimhan < mnarasim...@bandwidth.com> wrote: > Hi, > I am working on enabling both PLAINTEXT and SASL_PLAINTEXT together on 2 > ports so that clients have time to transition to SASL_PLAINTEXT without > impact. The listeners work well, but I had some queries regarding ACL. > > If I enable the SimpleAuthorizer and add Read and Write ACL rules for the > client user ANONYMOUS, the clients seem to stop working. They work fine if > the ANONYMOUS user is made a super user in the server properties. > > Is there a way to use both protocols and grant Read and Write privileges to > clients using PLAINTEXT using ACLs without making the anonymous user super > user ? > > Thanks, > Meghana >
