"kafka-acls.sh" script communicates directly with zookeeper. We should run kafka-acls.sh as kafka user (super user) to get write permission on zk. We should pass required jaas conf to the script.
On Thu, Aug 23, 2018 at 3:02 PM HG <hanspeter.sl...@gmail.com> wrote: > Hi, > > I have an environment with SSL, SASL and ACL's enabled. > When I set zookeeper.set_acl=true in the server.properties file of the > brokers I cannot create topics , ACL's etc. > > [root@host201 kafka]# bin/kafka-acls.sh --authorizer-properties > zookeeper.connect=localhost:2181 --add --allow-principal User:admin > --operation All --topic '*' --cluster > Error while executing ACL command: KeeperErrorCode = NoAuth for > /kafka-acl/Topic > org.apache.zookeeper.KeeperException$NoAuthException: KeeperErrorCode = > NoAuth for /kafka-acl/Topic > at > org.apache.zookeeper.KeeperException.create(KeeperException.java:113) > .. > I have specified super users too in the server.properties. > > Any idea's what I am doing wrong? > > Regards Hans >
