Cloudera Docs » 2.3.2 » Configuring Kafka for Kerberos Over Ambari
Configuring Kafka for Kerberos Over Ambari
Also available as:
PDF

Granting Permissions to a Consumer

To grant permissions to a consumer:

  • Grant READ permissions to the topic that the consumer is going to read from.

  • Grant DESCRIBE permission on the cluster.

Example:

The following commands grant principal ambari-qa access as a consumer, to topic test-topic from host c6401.ambari.apache.org. This is done by granting READ permission to the ambari-qa user on that topic, and granting CREATE permission on the cluster:

./bin/kafka-acls.sh --topic yes --add --allowhosts c6401.ambari.apache.org --allowprincipals user:ambari-qa --operations READ --config /usr/hdp/current/kafka-broker/config/server.properties

./bin/kafka-acls.sh --cluster --add --allowhosts c6401.ambari.apache.org --allowprincipals user:ambari-qa --operations CREATE --config /usr/hdp/current/kafka-broker/config/server.properties

© 2012–2021 by Cloudera, Inc.
Document licensed under the Creative Commons Attribution ShareAlike 4.0 License.
Cloudera.com | Documentation | Support | Community