Setting up authorization policies

For Streams Messaging Manager (SMM) to show end-to-end latency data for an application, configure the application to generate additional metrics and enable monitoring. This includes sending metadata to internal SMM Kafka topics.

To do this in a secure Kafka cluster you must grant permissions on those topics through Ranger. Perform the following steps to grant the permissions to the Machine User account you are using:

  1. Navigate to Management Console > Environments, and select the environment where your Kafka cluster is running.
  2. Click the Ranger icon () on the top pane, to open the Ranger web UI.
  3. On the Ranger UI, click Access Manager > Resource Based Policies.
  4. Under the KAFKA group, select the policy of your Kafka cluster.
    To select it, click on the policy name, and not on the icons.
  5. Click Add New Policy, to create a new one, and enter the following details:
    • Policy Name: SMM Metrics topics
    • Topic: __smm_consumer_metrics and __smm_producer_metrics
    • Description: SMM topics for end-to-end latency monitoring
  6. Under the Allow Conditions section, click on the empty Select Users box and select the Machine User you created previously.
  7. Click Add Permissions, select the Publish and Describe permissions, and click the tick mark.
  8. Scroll to the bottom of the page and click Add to save the policy.