Apache Kafka comes with an authorizer implementation that uses ZooKeeper to store all the ACLs. The ACLs have to be set because the access to resources is limited to super users when an authorizer is configured. By default, if a resource has no associated ACLs, then no one is allowed to access the resource, except super users.
In the above command, ACLs are added to allow a principal to haveAlloperations available over the topic specified. The following are the available operations:
Read
Write
Create
Delete
Alter
Describe
ClusterAction
DescribeConfigs
AlterConfigs
IdempotentWrite
All
When using --group=*, it means that all groups are allowed to be created by this user when running a Kafka consumer.