THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
To represent the new User resource type we have to modify the AclCommand slightly and add a new option called --usersuser-principal
. This would have a semicolon separated list of users as parameterrepresents a user principal of principal type "User". By specifying this parameter we would control (allow or deny) the token requester principal to create or describe tokens of those owner usersfor the user-principal.
For instance:
Code Block | ||
---|---|---|
| ||
>> bin/kafka-acls.sh --authorizer-properties zookeeper.connect=localhost:2181 --add --allow-principal User:tokenRequester --allow-host * --operation CreateTokens --user-principal "owner1" |
...