Kafka Configs Kafka Protocol Wire Format API Versions KIPs Errors Kafka Upgrade Config Advisor Flink SQL
conduktor.io ↗

Kafka CreateAcls Request Wire Format v2 — Binary Protocol Layout

What is CreateAcls?

Grants principals access to resources via kafka-acls.sh --add. Changes take effect immediately (no restart needed), but ACL propagation across brokers is eventually consistent via ZooKeeper or KRaft metadata, leaving a short window where a new ACL might not be enforced cluster-wide.

Wire Diagram

Request Header · flexible
message_size int32 · 4B
api_key int16 · 2B
api_version int16 · 2B
correlation_id int32 · 4B
client_id string (compact)
tagged var
CreateAclsRequest v2
Creations array
tagged var
ResourceType int8 · 1B
ResourceName string (compact)
ResourcePatternType int8 · 1B
Principal string (compact)
Host string (compact)
Operation int8 · 1B
PermissionType int8 · 1B
tagged var

Schema & Example

Schema
{
  "Creations": [{
      "ResourceType": int8,
      "ResourceName": string,
      "ResourcePatternType": int8,
      "Principal": string,
      "Host": string,
      "Operation": int8,
      "PermissionType": int8
  }]
}
Example
{
  "Creations": [{
      "ResourceType": 2,
      "ResourceName": "orders",
      "ResourcePatternType": 2,
      "Principal": "User:alice",
      "Host": "broker-1.kafka.local",
      "Operation": 2,
      "PermissionType": 3
  }]
}