Hi As I learned that kafka can use '--resource-pattern-type prefixed' to add rule for prefixed topic. For example an user 'kafkaclient', we could define a rule let the user can access all topics start with that user name, i.e., 'kafkaclient--', such as 'kafkaclient--topic1', 'kafkaclient--topic2', etc.
/opt/kafka/bin/kafka-acls.sh \ --authorizer-properties zookeeper.connect=zookeeper:2181 \ --add \ --allow-principal User:"kafkaclient" \ --operation All \ --resource-pattern-type prefixed \ --topic "kafkaclient--" \ But is it possible to define dynamic user name ? In above case we know the username is 'kafkaclient', and if there are many other users, we have to add rule for each user; these rules are similar, except the user name. So i want to know if it's possible to just define a single rule, using dynamic user name, each user could access the topics start with itself username. something likes: /opt/kafka/bin/kafka-acls.sh \ --authorizer-properties zookeeper.connect=zookeeper:2181 \ --add \ --allow-principal User:"*<USER>*" \ --operation All \ --resource-pattern-type prefixed \ --topic "*<USER>*--" \ Then whatever to add user or add topic later, we don't need to add any rules. Thanks. Hui
