Versions Compared

Old Version 4

changes.mady.by.user Manikumar Reddy O.

Saved on

compared with

New Version Current

changes.mady.by.user Colin McCabe

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This page is meant as a template for writing a KIP. To create a KIP choose Tools->Copy on this page and modify with your content and replace the heading with the next KIP number and a description of your issue. Replace anything in italics with your own description.

Status

Current state:  Under Discussion" Adopted

Discussion thread: here [Change the link from the KIP proposal email archive to your own email thread] 

JIRA: here

Please keep the discussion on the mailing list rather than commenting on the wiki (wiki discussions get unwieldy fast).

Motivation

Currently AclCommand (kafka-acls.sh) uses authorizer class (Default is SimpleAclAuthorizer) to manage ACLs.
This means, when using out-of-box authorizer implementation (SimpleAclAuthorizer), users should have access to
the ZooKeeper clusters and should have access to broker principal in case of Kerberised clusters.

...

  1. Add a new option "--bootstrap-server" which is used to connect kafka cluster . This option can not be used with existing "--authorizer" option" ,  "--authorizer-properties"  options.
  2. Add a new option "--command-config-file" which takes a property file containing configs to be passed to admin Client. This option can be used with only "--bootstrap-server".
  3. Users can use either "--bootstrap-server" or ""--authorizer" options. By default "--authorizer" will be used, which defaults to SimpleAclAuthorizer.

...

  • There won't be any change of current behavior. Users can continue to use existing "--authorizer" option.

Rejected Alternatives