I setup HDF 3 including Ranger and Kerberos...everything's green in Ambari so far.
Ranger plugins for Kafka and NiFi have been enabled and in RangerUI I can see the default policy for Kafka has been created and some audit entries are there, see below
The problem now is, that I can list and describe Kafka topics with my user account, although it is not allowed by Ranger ACL , and I do not even see any entry in Audit log for the accesses under my own user account.
It looks like Ranger ACLs doesn't get applied to Kafka at all, no idea why ?!?!
I create a dedicated policy for Topic 'foo', just granting my user 'consume' access =>
In a terminal I can still 'describe' that topic, and in ranger audit there is NO entry for that access =>
Any ideas why access is still allowed and why there is no audit being recorded ?!?!
PS: in RangerUI the Kafka policy is shown as updated.....it updates right after being updated