Hi Jose, You're right, ACLs are typically created before topic creation to prevent authorization issues during deployment. However, when it comes to deleting a topic via CLI, it's really just two steps: running the topic deletion command and the ACL deletion command.
I had considered combining these two steps as a potential improvement, but on second thought, I don't think it adds much value, so I'll set that idea aside. Regarding the ACL cleanup tool I mentioned earlier, it indeed runs into the problem you pointed out. Will keep this aside too. What are your thoughts on detecting stale topics? Thanks, Murali On Sun, Sep 22, 2024 at 7:43 PM José Armando García Sancio <[email protected]> wrote: > Hi Muralidhar, > > > Proposal: > > Prevent Topic Deletion if ACLs Exist: If there are read or write ACLs > > associated with the topic, the deletion should be prohibited by default. > > This helps prevent accidental deletion of topics that are still in use. > > For security it is recommended that ACLs are created _before_ a topic > gets created and that ACLs are deleted _after_ a topic is deleted. How > do you plan to address those security considerations? > > Thanks, > -- > -José >
