Kafka ACLs

ACLs (Access Control Lists) can provide access restrictions to available resources in a Kafka cluster. Lenses provides a full set of operational capabilities over Kafka ACLs in the Admin panel.

Manage Kafka ACLs

  1. From the Header bar menu, go to Admin panel.
  2. On the side navigation, select Kafka ACLs under the Kafka Settings section.
Kafka ACLs

Kafka Authorizer

To use Kafka ACLs, the Brokers require an authorizer to be set. To enable ACLs via an authorizer read the Apache Kafka documentation . If you do not have ACLs enabled you will see the bellow:

No Kafka ACL Authorizer

A high number of ACLs will decrease the performance of Kafka. For security and performance aware projects, we recommend using role-based-access for users at the DataOps layer and Kafka ACLs for applications.

Create Kafka ACLs

You can create new ACLs, with the New ACL button and selecting the permission, resource and operation:

Add new Kafka ACL

Explore Kafka ACLs

With the authorizer set up, you can create, search, and manage your ACLs:

Manage Kafka ACLs

API & GitOps

For automation use the Kafka Admin API and CLI

Kafka ACLs permissions

You can use RBAC (Role Based Access) to control users that have visibility and management roles for Kafka ACLs.

Specifically, the permissions ViewKafkaSettings and ManageKafkaSettings are needed to view and manage respectively.