vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/dms/umn/kafka-ug-0002.html
Chen, Junjie dd8a3a658b DMS UMN Initial Version 
Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com>
Co-authored-by: Chen, Junjie <chenjunjie@huawei.com>
Co-committed-by: Chen, Junjie <chenjunjie@huawei.com>
2022-12-08 00:33:11 +00:00

30 lines
7.7 KiB
HTML
Raw Permalink Blame History

<a name="kafka-ug-0002"></a><a name="kafka-ug-0002"></a>
<h1 class="topictitle1">Granting Permissions to a SASL_SSL User</h1>
<div id="body0000001135061465"><p id="kafka-ug-0002__p39139363712">DMS supports ACL permission management for topics. You can differentiate the operations that different users are allowed to perform on a topic by granting the users different permissions.</p>
<p id="kafka-ug-0002__p8060118">This section describes how to grant topic permissions to a SASL_SSL user. For details about how to create a SASL_SSL user, see <a href="kafka-ug-0003.html">Creating a SASL_SSL User</a>.</p>
<p id="kafka-ug-0002__p759022712313">If no SASL_SSL user is granted any permission for a topic, all users can subscribe to or publish messages to the topic.</p>
<p id="kafka-ug-0002__p1291535115818">If one or more SASL_SSL users are granted permissions for a topic, only the authorized users can subscribe to or publish messages to the topic.</p>
<div class="section" id="kafka-ug-0002__section10943454010"><h4 class="sectiontitle">Prerequisites</h4><ul id="kafka-ug-0002__ul894011501594"><li id="kafka-ug-0002__li394118501798">SASL_SSL has been enabled when you create the Kafka instance.</li><li id="kafka-ug-0002__li1985015521192">(Optional) A SASL_SSL user has been created. For details, see <a href="kafka-ug-0003.html">Creating a SASL_SSL User</a>.</li></ul>
</div>
<div class="section" id="kafka-ug-0002__section590513285108"><h4 class="sectiontitle">Granting Permissions to a SASL_SSL User</h4><ol id="kafka-ug-0002__ol19541635141014"><li id="kafka-ug-0002__li10427115412419"><span>Log in to the management console.</span></li><li id="kafka-ug-0002__li14905725134512"><span>Click <span><img id="kafka-ug-0002__image125587350" src="en-us_image_0143929918.png"></span> in the upper left corner to select a region.</span><p><div class="note" id="kafka-ug-0002__note596412409275"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="kafka-ug-0002__p11964174020277">Select the region where your Kafka instance is located.</p>
</div></div>
</p></li><li id="kafka-ug-0002__li189561034172215"><span>Click <strong id="kafka-ug-0002__b176690015395711">Service List</strong> and choose <strong id="kafka-ug-0002__b203556207095711">Application</strong> &gt; <strong id="kafka-ug-0002__b214704539495711">Distributed Message Service</strong>. The Kafka instance list is displayed.</span></li><li id="kafka-ug-0002__li374185811449"><span>Click the desired Kafka instance to view the instance details.</span></li><li id="kafka-ug-0002__li1592622914109"><span>In the navigation pane, choose the <strong id="kafka-ug-0002__b38489151851">Topics</strong> tab.</span></li><li id="kafka-ug-0002__li5603131715114"><span>In the row that contains the topic for which you want to configure user permissions, click <strong id="kafka-ug-0002__b171077249911">Grant User Permission</strong>.</span><p><p id="kafka-ug-0002__p179331336132719">In the upper part of the <strong id="kafka-ug-0002__b68901410141712">Grant User Permission</strong> dialog box, the topic information is displayed, including the topic name, number of partitions, aging time, number of replicas, and whether synchronous flushing is enabled. In the middle part, you can use the search box to search for a user if there are many SASL_SSL users. In the <strong id="kafka-ug-0002__b8834143011911">Users</strong> area, the list of created SASL_SSL users is displayed. In the <strong id="kafka-ug-0002__b1455517403199">Selected</strong> area, you can grant permissions to the SASL_SSL users.</p>
</p></li><li id="kafka-ug-0002__li539122104714"><span>In the <strong id="kafka-ug-0002__b19655495918">Users</strong> area of the <strong id="kafka-ug-0002__b6348123185213">Grant User Permission</strong> dialog box, select target users. In the <strong id="kafka-ug-0002__b209671513181015">Selected</strong> area, configure permissions (<strong id="kafka-ug-0002__b161105835320">Subscribe</strong>, <strong id="kafka-ug-0002__b17760143355317">Publish</strong>, and <strong id="kafka-ug-0002__b365661517538">Publish/Subscribe</strong>) for the users.</span><p><div class="fignone" id="kafka-ug-0002__fig15529113214543"><a name="kafka-ug-0002__fig15529113214543"></a><a name="fig15529113214543"></a><span class="figcap"><b>Figure 1 </b>Granting user permissions</span><br><span><img id="kafka-ug-0002__image19529143211543" src="en-us_image_0000001380945917.png"></span></div>
<p id="kafka-ug-0002__p1461514393516">As shown in <a href="#kafka-ug-0002__fig15529113214543">Figure 1</a>, only the <strong id="kafka-ug-0002__b1053575517102">test</strong>, <strong id="kafka-ug-0002__b1353519555109">send</strong>, and <strong id="kafka-ug-0002__b353514555101">receive</strong> users can subscribe to or publish messages to topic-01. The <strong id="kafka-ug-0002__b1753535514108">send_receive</strong> user cannot subscribe to or publish messages to topic-01.</p>
</p></li><li id="kafka-ug-0002__li1382382916138"><span>Click <strong id="kafka-ug-0002__b1085852516163">OK</strong>.</span><p><p id="kafka-ug-0002__p539162720537">On the <strong id="kafka-ug-0002__b37061384187">Topics</strong> tab page, click <span><img id="kafka-ug-0002__image936110268308" src="en-us_image_0000001160594580.png"></span> next to the topic name to view the authorized users and their permissions.</p>
<div class="fignone" id="kafka-ug-0002__fig568972912556"><span class="figcap"><b>Figure 2 </b>Viewing authorized users and their permissions</span><br><span><img id="kafka-ug-0002__image146891929125511" src="en-us_image_0000001329906052.png"></span></div>
</p></li></ol>
</div>
<div class="section" id="kafka-ug-0002__section1586284693920"><h4 class="sectiontitle">(Optional) Removing Permissions from a SASL_SSL User</h4><ol id="kafka-ug-0002__ol1077994717411"><li id="kafka-ug-0002__li15841952144118"><span>Log in to the management console.</span></li><li id="kafka-ug-0002__li78417529412"><span>Click <span><img id="kafka-ug-0002__image1090474182" src="en-us_image_0143929918.png"></span> in the upper left corner to select a region.</span><p><div class="note" id="kafka-ug-0002__note118485234117"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="kafka-ug-0002__p178415215415">Select the region where your Kafka instance is located.</p>
</div></div>
</p></li><li id="kafka-ug-0002__li138414528419"><span>Click <strong id="kafka-ug-0002__b44095891395711">Service List</strong> and choose <strong id="kafka-ug-0002__b82968184395711">Application</strong> &gt; <strong id="kafka-ug-0002__b112248447295711">Distributed Message Service</strong>. The Kafka instance list is displayed.</span></li><li id="kafka-ug-0002__li108412522412"><span>Click the desired Kafka instance to view the instance details.</span></li><li id="kafka-ug-0002__li9844521415"><span>In the navigation pane, choose the <strong id="kafka-ug-0002__b9893114619516">Topics</strong> tab.</span></li><li id="kafka-ug-0002__li137961310438"><span>In the row that contains the topic for which you want to remove user permissions, click <strong id="kafka-ug-0002__b14290143212214">Grant User Permission</strong>.</span></li><li id="kafka-ug-0002__li11597174515430"><span>In the <strong id="kafka-ug-0002__b1638174819226">Selected</strong> area of the displayed <strong id="kafka-ug-0002__b1395256172218">Grant User Permission</strong> dialog box, locate the row that contains the SASL_SSL user whose permissions are to be removed, click <strong id="kafka-ug-0002__b17662206192313">Delete</strong>, and click <strong id="kafka-ug-0002__b19957151615232">OK</strong>.</span></li></ol>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="kafka-ug-0009.html">Managing Users</a></div>
</div>
</div>
View Git Blame Copy Permalink