Skip to content

Support for ACL host #570

New issue
New issue
Open
Open
Support for ACL host#570
Labels
bugSomething isn't working
@qzhang1995

Description

@qzhang1995
qzhang1995
opened on Jun 15, 2023

I am trying to set up ACL for host using custom JulieRoles (suggested by issue #519),
Current ACLs for resource ResourcePattern(resourceType=TOPIC, name=test-topic, patternType=LITERAL):
(principal=User:ANONYMOUS, host=100.64.1.2, operation=WRITE, permissionType=ALLOW)

  1. In the roles.yaml , i set up the custom role, we are using confluent platform.

roles:

  • name: "hostACL"
    acls:
    • resourceType: "Topic"
      resourceName: "test-topic"
      patternType: "LITERAL"
      host: "100.64.1.2"
      role: "DeveloperWrite"
  1. Assign the custom role in topology.yaml

projects:

  • name: "Atest"
    hostACL:
    • principal: "User:ANONYMOUS"
  1. But in the julie ACL execution log and it has wildcard value "host" : "".
    {
    "Operation" : "com.purbon.kafka.topology.actions.access.CreateBindings",
    "Bindings" : [ {
    "resourceType" : "TOPIC",
    "resourceName" : "test-topic",
    "host" : "    ",
    "operation" : "DeveloperWrite",
    "principal" : "User:ANONYMOUS",
    "pattern" : "LITERAL",
    "scope" : {
    "clusters" : {
    "kafka-cluster" : "***"
    },
    "resources" : [ {
    "name" : "test-topic",
    "patternType" : "LITERAL",
    "resourceType" : "Topic"
    } ]
    }
    } ]
    }

this is in the ACL list in the end of the julieOps execution log
'TOPIC', 'test-topic', '*', 'DeveloperWrite', 'User:ANONYMOUS', 'LITERAL'

Is it possible to set up ACL for Hosts? thanks.

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions