Aiven Blog

Aug 23, 2017

Kafka users and access control

Aiven for Apache Kafka now provides user and topic-level control. Find out how this feature will help you manage users and access more effectively.

heikki-nousiainen

Heikki Nousiainen

|RSS Feed

Chief Technology Officer at Aiven

We're happy to announce user and topic level access controls for Aiven for Apache Kafka service. You can now create multiple users with separate access credentials each, and control produce and consumer privileges on user and topic basis.

Both users and access control lists can be managed on the Aiven Console under the Users tab on the service details page.

Managing users

All users and the user specific access certificate and key are listed and available on the Users tab. The password is usable with Kafka REST service.

You can add users with the Add service user... button or remove existing users with Remove...

Reset password... button on the right both resets Kafka REST password as well as revokes and recreates access key and certificate for the specific user.

Managing Access Control Lists

Access Control Lists manage user privileges to consume from or produce to a topic. 

Users can either be explicit users, or user masks with wildcard characters * and ?. Star matches a string of characters, question mark matches any single character in it's place.

Similarly, topics can be specified as explicit topics as well as wildcard matches.

Grants can be either Produce, Consume or Full Access for both.

By default, the access is allowed for all configured users to both produce and consume on all topics. You can delete ACL entries on row by row basis.

Give Aiven services a whirl

Remember that trying Aiven is free: you will receive US$10 worth of free credits at sign-up which you can use to try any of our service plans. The offer works for all of our services: PostgreSQL, Redis, Grafana, OpenSearch and Kafka!

Go to aiven.io to get started!


Related resources