Re: [DISCUSS] ACL operations

On Fri, Apr 14, 2017, at 08:08, Ismael Juma wrote: > That's right Tom. > > In addition, ACLs can apply to more than one topic (we currently only > support `*`, but it would make sense to extend this) and their lifecycle > is > separate from topics (i.e. ACLs can be created for topics that don't >

Re: [DISCUSS] ACL operations

That's right Tom. In addition, ACLs can apply to more than one topic (we currently only support `*`, but it would make sense to extend this) and their lifecycle is separate from topics (i.e. ACLs can be created for topics that don't exist and deleting a topic doesn't delete an associated ACL).

Re: [DISCUSS] ACL operations

Colin, Reminder that ACLs don't just apply to topics, but also to consumer groups and cluster operations. It seems like having two sets of APIs, one of which is (topics + acls) and one of which is just acls is more complex than just having acls. On Fri, Apr 14, 2017 at 12:17 AM, Colin McCabe

Re: [DISCUSS] ACL operations

Based on the initial discussion here, and the draft KIP-133, it sounds like the plan is to have AdminClient APIs like: addAcls, removeAcls, listAcls, listConfig, changeConfig (roughly speaking). However, just to play devil's advocate here a bit, wouldn't AdminClient users find it more natural to

Re: [DISCUSS] ACL operations

Hi Colin, Thanks for coordinating with Grant and reviving this. I agree that having a separate delete request makes sense. This also came up in the original discussion thread and I think people were in favour. Ismael On 13 Apr 2017 10:21 pm, "Colin McCabe" wrote: > Hi all,

[DISCUSS] ACL operations

Hi all, KIP-4 described some RPCs for implementing centralized administrative operations for Kafka. Now that the adminclient work is going forward, I'd like to re-open the discussion about the ACL-related RPCs. This is a continuation of the email thread Grant Henke started while back. (See