User authorization

Simple Access Control

Important: Simple Access Control configuration is ignored if you configure Role Based Access Control.

Each Action can be enabled by setting a corresponding environment variable on system startup.

See: User authorization for a list of available actions.

ALLOW_KPOW_ADMIN=true                # Allow users to admin panels and controls
ALLOW_TOPIC_INSPECT=true             # Allow users to read topic key and value data
ALLOW_TOPIC_PRODUCE=true             # Allow users to write new messages to topics
ALLOW_TOPIC_CREATE=true              # Allow users to create new topics
ALLOW_TOPIC_EDIT=true                # Allow users to edit topic configuration
ALLOW_TOPIC_DELETE=true              # Allow users to delete topics
ALLOW_TOPIC_TRUNCATE=true            # Allow users to truncate topics
ALLOW_TOPIC_ELECT_LEADER=true        # Allow users to elect the leader replica of a topic partition
ALLOW_TOPIC_ALTER_REASSIGNMENTS=true # Allow users to edit the reassignments of a topic partition
ALLOW_GROUP_EDIT=true                # Allow users to delete consumer groups and reset consumer offsets
ALLOW_BROKER_EDIT=true               # Allow users to edit broker configuration
ALLOW_ACL_EDIT=true                  # Allow users to create and delete Kafka ACLs
ALLOW_PRODUCER_EDIT=true             # Allow users to abort transactions and fence Kafka Producers
ALLOW_QUOTA_EDIT=true                # Allow users to create, edit and delete Kafka Quotas
ALLOW_SCHEMA_CREATE=true             # Allow users to create new schemas and subjects
ALLOW_SCHEMA_EDIT=true               # Allow users to edit schemas and subjects
ALLOW_CONNECT_CREATE=true            # Allow users to create new connectors
ALLOW_CONNECT_EDIT=true              # Allow users to edit, pause, stop, and restart connectors and tasks
ALLOW_CONNECT_INSPECT=true           # Allow users to view connect configuration and metadata (automatically applied when CONNECT_EDIT enabled)
ALLOW_BULK_ACTION=true               # Allow users to invoke bulk actions
KSQLDB_QUERY=true                    # Allow users to execute ksqlDB SQL queries (push or pull)
KSQLDB_EXECUTE=true                  # Allow users to execute ksqlDB SQL statements (eg, `CREATE_TABLE`)
KSQLDB_TERMINATE_QUERY=true          # Allow users to terminate ksqlDB streaming push queries
KSQLDB_INSERT=true                   # Allow users to insert ksqlDB rows into source tables or streams

Simply choose the Action, prepend with ALLOW_ set the environment variable, and start Kpow.

Next
Role Based Access Control

Copyright © 2022 Factor House.