Advanced Spring Boot 4: Event-Driven Architecture (Kafka) · Lesson

Authorization with ACLs

Implement Access Control Lists (ACLs) on Kafka brokers to define fine-grained permissions for producers and consumers.

What are Kafka ACLs?

In our last lesson, we learned about authenticating with Kafka using SASL. But authentication just verifies who you are.

Authorization determines what you are allowed to do. This is where Access Control Lists (ACLs) come in.

Kafka ACLs provide fine-grained permissions, letting you control which users (or principals) can perform specific actions on Kafka resources.

The Core of Kafka Authorization

Authorization in Kafka revolves around three key concepts:

  • Principal: The authenticated user or client attempting an action (e.g., User:Alice, User:ProducerApp).
  • Operation: The action being attempted (e.g., READ, WRITE, CREATE, DELETE).
  • Resource: The Kafka entity the operation is performed on (e.g., a specific topic, a consumer group).

ACLs define which principals can perform which operations on which resources.
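The principal, operation, and resource triple expressed as least-privilege bindings through Kafka's Java `Admin` client. This is an added example, not code from the course. `User:ConsumerApp`, the topic `orders`, the group `orders-processor`, and the broker address are assumed names. It also assumes the broker has an authorizer enabled and that the admin connection authenticates as a principal allowed to alter ACLs.

```java
import java.util.List;
import java.util.Map;
import org.apache.kafka.clients.admin.Admin;
import org.apache.kafka.clients.admin.AdminClientConfig;
import org.apache.kafka.common.acl.AccessControlEntry;
import org.apache.kafka.common.acl.AclBinding;
import org.apache.kafka.common.acl.AclBindingFilter;
import org.apache.kafka.common.acl.AclOperation;
import org.apache.kafka.common.acl.AclPermissionType;
import org.apache.kafka.common.resource.PatternType;
import org.apache.kafka.common.resource.ResourcePattern;
import org.apache.kafka.common.resource.ResourceType;

public class LeastPrivilegeAcls {

    // One binding = resource pattern + (principal, host, operation, permission).
    static AclBinding allow(String principal, AclOperation op, ResourceType type, String name) {
        ResourcePattern resource = new ResourcePattern(type, name, PatternType.LITERAL);
        // "*" means any client host; the principal is what restricts access here.
        AccessControlEntry entry =
                new AccessControlEntry(principal, "*", op, AclPermissionType.ALLOW);
        return new AclBinding(resource, entry);
    }

    static List<AclBinding> bindings() {
        return List.of(
            // Producer: may only write to the single topic it publishes to.
            allow("User:ProducerApp", AclOperation.WRITE, ResourceType.TOPIC, "orders"),
            // Consumer: needs READ on the topic and READ on its consumer group.
            allow("User:ConsumerApp", AclOperation.READ, ResourceType.TOPIC, "orders"),
            allow("User:ConsumerApp", AclOperation.READ, ResourceType.GROUP, "orders-processor"));
    }

    public static void main(String[] args) throws Exception {
        // Assumed broker address; add the SASL client settings your cluster requires.
        Map<String, Object> config =
                Map.of(AdminClientConfig.BOOTSTRAP_SERVERS_CONFIG, "localhost:9092");
        try (Admin admin = Admin.create(config)) {
            admin.createAcls(bindings()).all().get();
            // Read back every ACL on the cluster to confirm what is now granted.
            for (AclBinding binding : admin.describeAcls(AclBindingFilter.ANY).values().get()) {
                System.out.println(binding);
            }
        }
    }
}
```

Reviewing the `describeAcls` output after each change is a quick way to catch bindings that grant more than the application needs, such as a wildcard resource name or an unexpected principal.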
