Kafka Authentication Per Topic

Need to understand is there any mechanism to provide authentication at the topic level.

For example, as per my use-case currently assume I have 4 customers who are sending data to 4 topics respectively. with SASL_SSL authentication.

So, as per SASL_SSL authentication, we can create multiple users on the kafka server jaas file.
But, all 4 users have access to all 4 topics. Is kafka provide topic level authetication or not?

@mann2108 Apache Kafka ships with an out of the box authorizer which would allow you control topic level operations. The full details are located here including setup and example commands for ACLs: Authorization using ACLs | Confluent Documentation

If you’re using Confluent, you can use Role Based Access Controls, as documented here: Authorization using Role-Based Access Control | Confluent Documentation

1 Like

The docs go into this a good bit. Apache Kafka

You authenticate to the cluster and that verifies you as a “principal”

You then are authorized, via ACLs, Apache Kafka, to perform various operations against topics or cluster wide operations(like topic creates)