Kafka ACL Questions

Hello All,

I am using an Amazon Managed Kafka MSK cluster which is not set up perfectly. However, I do not understand how to set up the ACL for any topic. When I run the command for specifying an ACL against a topic with a particular user present in AD or local to the box - my question is how to add this user on the groups?

hi @krishanumitra

did you check the docs?

as well as a nice demo made by @jaceklaskowski

https://jaceklaskowski.gitbooks.io/apache-kafka/content/kafka-demo-acl-authorization.html

best,
michael

Hi Michael,

Thanks for the reply.
Yes, I went through it. My question is: right now my MSK Kafka Cluster from Amazon is not connected to a Certificate Manager or a CA. In that case, will I be able to use the ACLs with the user name? The document clearly specifies that we have to create users with the names consumer and producer (Demo: ACL Authorization · The Internals of Apache Kafka). How can we use AD users? Should the AD users have their own truststore and keystore to consume or produce?

Hi,

@krishanumitra not sure whether it’s possible to integrate AD with MSK.

I think the only possibility might be to use IAM roles and integrate your AD with AWS IAM.
Never tested nor tried by myself, just thinking out loud :wink:

best,
michael