Create Ranger policies for Machine User account

To read data from or write data to Kafka topics, you must grant certain privileges to your Machine User. To do this, you create new access policies for the Kafka topics in Ranger. You create one Topic policy and one Consumer Group policy.

Because your personal user is an environment administrator, you already have privileges to access and modify Kafka topics. This is not the case, though, with the Machine User account you created.

Authorization policies in CDP are maintained and enforced by Apache Ranger. To learn more about Apache Ranger authorization policies, see Using Ranger to Provide Authorization in CDP.

To allow the Machine User account to read from and write data to the Kafka topics you created, it is necessary that you define new access policies for those topics in Ranger. You need to create the following policies:
  • Topic policy to grant access to the two Kafka topics.
  • Consumer Group policy to define which consumer groups the Machine User can use to consume

    data from the Kafka topics.