You should investigate why person-b can create a user and grant ACLs. Here might be some good reading on ACL-related setup: https://docs.confluent.io/platform/current/kafka/authorization.html

Wu Shilin
Solution Architect, Confluent

On Wed, Jun 9, 2021 at 9:42 PM Calvin Chen <pingc...@hotmail.com> wrote:

> Hi all
>
> I have a question about kafka acl, is it possible to limit users to access
> a topic?
>
> For example, if person-a created kafka-user-a and grant kafka-user-a to
> access topic-a, and person-b knows there is topic-a, but he doesn't know
> the credential to access topic-a via kafka-user-a, so he created
> kafka-user-b and grant kafka-user-b to access topic-a, so in this case
> person-b is able to read message from topic-a, how do we make sure topic-a
> is accessible only by kafka-user-a of person-a?
>
> Thanks
> Calvin
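
One way to carry out the investigation suggested in the reply, as an added example that is not part of the original thread: a small audit over the text printed by `kafka-acls --list`, reporting every principal other than the intended one that is allowed on topic-a, and every principal allowed to change ACLs. The sample listing and the principals `kafka-user-c` and `ops-admin` are constructed, and the parser assumes the `ResourcePattern(...)` listing format of recent Kafka releases.

```python
import re

# Constructed sample modeled on `kafka-acls --list` output; not from the thread.
SAMPLE_LISTING = """\
Current ACLs for resource `ResourcePattern(resourceType=TOPIC, name=topic-a, patternType=LITERAL)`:
  (principal=User:kafka-user-a, host=*, operation=READ, permissionType=ALLOW)
  (principal=User:kafka-user-b, host=*, operation=READ, permissionType=ALLOW)

Current ACLs for resource `ResourcePattern(resourceType=TOPIC, name=topic-, patternType=PREFIXED)`:
  (principal=User:kafka-user-c, host=*, operation=DESCRIBE, permissionType=ALLOW)

Current ACLs for resource `ResourcePattern(resourceType=CLUSTER, name=kafka-cluster, patternType=LITERAL)`:
  (principal=User:ops-admin, host=*, operation=ALTER, permissionType=ALLOW)
"""

RESOURCE = re.compile(r"resourceType=(\w+), name=([^,]+), patternType=(\w+)")
ENTRY = re.compile(r"principal=([^,]+), host=([^,]+), operation=(\w+), permissionType=(\w+)")

def parse_acls(listing):
    """Yield (rtype, name, pattern, principal, operation, permission) tuples."""
    resource = None
    for line in listing.splitlines():
        if (m := RESOURCE.search(line)):
            resource = m.groups()
        elif (m := ENTRY.search(line)) and resource:
            principal, _host, operation, permission = m.groups()
            yield (*resource, principal, operation.upper(), permission.upper())

def covers(name, pattern, topic):
    """True if a TOPIC resource pattern applies to `topic`."""
    if pattern == "PREFIXED":
        return topic.startswith(name)
    return name in (topic, "*")  # LITERAL; "*" is the wildcard resource

def audit(listing, topic, allowed):
    """Return (unexpected topic grants, principals able to change ACLs)."""
    topic_grants, acl_admins = set(), set()
    for rtype, name, pattern, principal, op, perm in parse_acls(listing):
        if perm != "ALLOW":
            continue  # DENY entries only narrow access, so they are skipped
        if rtype.upper() == "TOPIC" and covers(name, pattern, topic) and principal not in allowed:
            topic_grants.add((principal, op))
        # ALTER (or ALL) on the Cluster resource authorizes creating/deleting ACLs.
        if rtype.upper() == "CLUSTER" and op in ("ALTER", "ALL"):
            acl_admins.add(principal)
    return sorted(topic_grants), sorted(acl_admins)

if __name__ == "__main__":
    print(audit(SAMPLE_LISTING, "topic-a", {"User:kafka-user-a"}))
```

Principals named in the broker's `super.users` setting bypass ACL checks and never appear in this listing, so that setting has to be reviewed separately.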