Support Questions

RajeshBodolla · ‎12-14-2017

Hi,

Does kafka2.2.0 in CDH 5.11.2 support ACL's on topics?? Can we use AD Users and groups for this ACL's? Do we have any documents for this? We have kerberos enables.

RajeshBodolla · ‎12-28-2017

Had to go with sentry and hdfs. Sentry is tightly coupled with hdfs and has a mandatory config "HDFS Service" so you need to have hdfs. you can configure hdfs and sentry and stop hdfs once sentry is completely configured

View solution in original post

pdvorak · ‎12-14-2017

Kafka 2.2 uses sentry to provide authorization for kafka topics:

https://www.cloudera.com/documentation/kafka/2-2-x/topics/kafka_security.html#using_kafka_with_sentr...

If you are using kerberos, you can add the sentry service and then follow the documentation for configuring kafka privileges.

-pd

RajeshBodolla · ‎12-15-2017

Hi @pdvorak

We did try going with that approach but in our streaming cluster, we have only kafka and zookeeper services. When tried adding sentry, it was asking for hdfs service also to be presnt to add sentry. Not sure why hdfs is required for sentry to be available!!! I tried adding ACL's from command line, ACL's were created but that did not work.

RajeshBodolla · ‎12-28-2017

Had to go with sentry and hdfs. Sentry is tightly coupled with hdfs and has a mandatory config "HDFS Service" so you need to have hdfs. you can configure hdfs and sentry and stop hdfs once sentry is completely configured

Cloudera Community

Support Questions

Does kafka2.2.0 in CDH 5.11.2 support ACL's on topics??

Support Video: How does Kafka ACLs work?

Kafka topic creation and ACL configuration for Atl...

Does CDH 5.14.2 support Opensuse 12sp5

CDH 5.14.4 federation and sentry ACL sync issue

Support Video: How to delete a Kafka topic manuall...

Does Spark 2 supported CDH 5.11.0 ?

Does Hive 1.1.0 on CDH 5.12 support delete and up...

UMask vs HDFS default ACLs

Setting up Yarn queue acls

Does CDH support backend database using SSL/TLS?