Support Questions
Find answers, ask questions, and share your expertise

setting up Kafka securty using Apache Ranger

setting up Kafka securty using Apache Ranger

Expert Contributor

Hi All - i'm looking at setting up security (topic-level, group -level) for Kafka on HDP 2.5 or HDP 2.4 using Apache Ranger.

Looking on pointers (incl. tutorials) for this.

Appreciate your help on this.

6 REPLIES 6
Highlighted

Re: setting up Kafka securty using Apache Ranger

Expert Contributor
Highlighted

Re: setting up Kafka securty using Apache Ranger

Expert Contributor

@Ramesh Mani, thnx.. checking this !

Highlighted

Re: setting up Kafka securty using Apache Ranger

Expert Contributor

@Ramesh Mani @Nitin Saraswat

I'm unable to make Kafka security work using Apache ranger ..

Here are the details -

I created users - kafka1, kafka2 and topic - "kafka1_topic"

Using Apache Ranger - kafka1 is provided complete access to kafka1_topic, while kafka_user is denied access to this topic.

I logon to the terminal using Unix user - kafka1, and create a Kafka producer - which puts in message into topic "kafka1_topic"

On a separate terminal, i logon using Unix user - kafka_user and then create Kafka producer - which reads from this topic.

I expect that the user - kafka_user will not be able to read the messages put into the topic - kafka1_topic, but on the contrary, it is able to do so.

What so i need to do to enable this ?

Appreciate your inputs.

Attaching screenshots of the Ranger policies - allowing user kafka1 access & denying user kafka_user access to the topic - kafka1_topicscreen-shot-2016-11-14-at-52322-pm.pngscreen-shot-2016-11-14-at-53447-pm.png.

Highlighted

Re: setting up Kafka securty using Apache Ranger

Expert Contributor

@Neeraj Sabharwal @Ramesh Mani

Hi All,

i'm having issues in getting this to work, seems like you were able to get this to work.

attaching the link with the problem summary.

https://community.hortonworks.com/questions/65928/setting-up-kafka-securty-using-apache-ranger.html#...

could you help resolve this issue ? Thnx.

Highlighted

Re: setting up Kafka securty using Apache Ranger

Expert Contributor

@Ramesh Mani @Nitin Saraswat- i'm told that we need to kerberize the Cluster to make this work ,. is that correct ?

Highlighted

Re: setting up Kafka securty using Apache Ranger

Contributor

Karan Alang you must have kerberos to use ranger with kafka and storm ( mandatory)

https://community.hortonworks.com/questions/2982/kerberos-adldap-and-ranger.html