Ryan P created KAFKA-4985:
-----------------------------
Summary: kafka-acls should resolve dns names and accept ip ranges
Key: KAFKA-4985
URL: https://issues.apache.org/jira/browse/KAFKA-4985
Project: Kafka
Issue Type: Improvement
Components: security
Reporter: Ryan P
Per KAFKA-2869 it looks like a conscious decision was made to move away from
using hostnames for authorization purposes.
This is fine however IP addresses are terrible inconvenient compared to
hostname with regard to configuring ACLs.
I'd like to propose the following two improvements to make managing these ACLs
easier for end-users.
1. Allow for simple patterns to be matched
i.e --allow-host 10.17.81.11[1-9]
2. Allow for hostnames to be used even if they are resolved on the client side.
Simple pattern matching on hostnames would be a welcome addition as well
i.e. --allow-host host.name.com
Accepting a comma delimited list of hostnames and ip addresses would also be
helpful.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
