KIP-290 — Support for Prefixed ACLs
Accepted Kafka 2.0 Security
KIP-290 adds prefix-based ACL resource patterns to Kafka's authorization model, allowing a single ACL to grant access to all resources whose names start with a given prefix. Without prefix ACLs, granting a principal access to a namespace of topics requires creating one ACL per topic name, which is operationally expensive and requires ACL updates whenever new topics are added.
Protocol Impact
DescribeAcls · CreateAcls · DeleteAcls
Details
| Author | Piyush Vijay |
| Status | Accepted |
| Kafka Version | 2.0 |
| JIRA | KAFKA-6841 |
| Wiki | View on Apache Wiki |
| Created | 2018-05-01 |
| Last Modified | 2018-06-13 |
Explore how this KIP affects the Kafka protocol in the Protocol Explorer, or see the full KIP database.