Create an ACL
POST/kafka/v3/clusters/:cluster_id/acls
Create an ACL.
Request
Responses
- 201
- 400
- 401
- 403
- 429
- 5XX
Created
Indicates a bad request error. It could be caused by an unexpected request body format or other forms of request validation failure.
Indicates a client authentication error. Kafka authentication failures will contain error code 40101 in the response body.
Indicates a client authorization error. Kafka authorization failures will contain error code 40301 in the response body.
Indicates that a rate limit threshold has been reached, and the client should retry again later.
A server-side problem that might not be addressable from the client side. Retriable Kafka errors will contain error code 50003 in the response body.
OpenAPI definition (YAML)
paths:
/kafka/v3/clusters/{cluster_id}/acls:
post:
operationId: createKafkaAcls
description: '[](#section/Versioning/API-Lifecycle-Policy)
Create an ACL.'
tags:
- ACL (v3)
security:
- resource-api-key: []
- external-access-token: []
requestBody:
description: The ACL creation request.
content:
application/json:
schema:
type: object
required:
- resource_type
- resource_name
- pattern_type
- principal
- host
- operation
- permission
properties:
resource_type:
type: string
enum:
- UNKNOWN
- ANY
- TOPIC
- GROUP
- CLUSTER
- TRANSACTIONAL_ID
- DELEGATION_TOKEN
title: AclResourceType
resource_name:
type: string
pattern_type:
type: string
enum:
- UNKNOWN
- ANY
- MATCH
- LITERAL
- PREFIXED
title: AclPatternType
principal:
type: string
host:
type: string
operation:
type: string
enum:
- UNKNOWN
- ANY
- ALL
- READ
- WRITE
- CREATE
- DELETE
- ALTER
- DESCRIBE
- CLUSTER_ACTION
- DESCRIBE_CONFIGS
- ALTER_CONFIGS
- IDEMPOTENT_WRITE
title: AclOperation
permission:
type: string
enum:
- UNKNOWN
- ANY
- DENY
- ALLOW
title: AclPermission
title: CreateAclRequestData
example:
resource_type: CLUSTER
resource_name: kafka-cluster
pattern_type: LITERAL
principal: principalType:principalName
host: '*'
operation: DESCRIBE
permission: DENY
responses:
'201':
description: Created
'400':
description: Indicates a bad request error. It could be caused by an unexpected request body
format or other forms of request validation failure.
content:
application/json:
schema:
type: object
description: Describes a particular error encountered while performing an operation.
properties:
id:
description: A unique identifier for this particular occurrence of the problem.
type: string
maxLength: 255
status:
description: The HTTP status code applicable to this problem, expressed as a string
value.
type: string
code:
description: An application-specific error code, expressed as a string value.
type: string
title:
description: A short, human-readable summary of the problem. It **SHOULD NOT** change
from occurrence to occurrence of the problem, except for purposes of localization.
type: string
detail:
description: A human-readable explanation specific to this occurrence of the problem.
type: string
source:
type: object
description: If this error was caused by a particular part of the API request, the
source will point to the query string parameter or request body property that caused
it.
properties:
pointer:
description: A JSON Pointer [RFC6901] to the associated entity in the request
document [e.g. "/spec" for a spec object, or "/spec/title" for a specific field].
type: string
parameter:
description: A string indicating which query parameter caused the error.
type: string
error_code:
type: integer
format: int32
message:
type: string
nullable: true
additionalProperties: false
title: Error
examples:
create_acls_cluster_name_invalid:
description: Thrown when creating an ACL for a CLUSTER resource specifying the wrong
resource name.
value:
error_code: 40002
message: The only valid name for the CLUSTER resource is kafka-cluster"
'401':
description: Indicates a client authentication error. Kafka authentication failures will contain
error code 40101 in the response body.
content:
application/json:
schema:
type: object
description: Describes a particular error encountered while performing an operation.
properties:
id:
description: A unique identifier for this particular occurrence of the problem.
type: string
maxLength: 255
status:
description: The HTTP status code applicable to this problem, expressed as a string
value.
type: string
code:
description: An application-specific error code, expressed as a string value.
type: string
title:
description: A short, human-readable summary of the problem. It **SHOULD NOT** change
from occurrence to occurrence of the problem, except for purposes of localization.
type: string
detail:
description: A human-readable explanation specific to this occurrence of the problem.
type: string
source:
type: object
description: If this error was caused by a particular part of the API request, the
source will point to the query string parameter or request body property that caused
it.
properties:
pointer:
description: A JSON Pointer [RFC6901] to the associated entity in the request
document [e.g. "/spec" for a spec object, or "/spec/title" for a specific field].
type: string
parameter:
description: A string indicating which query parameter caused the error.
type: string
error_code:
type: integer
format: int32
message:
type: string
nullable: true
additionalProperties: false
title: Error
examples:
kafka_authentication_failed:
description: Thrown when using Basic authentication with wrong Kafka credentials.
value:
error_code: 40101
message: Authentication failed
'403':
description: Indicates a client authorization error. Kafka authorization failures will contain
error code 40301 in the response body.
content:
application/json:
schema:
type: object
description: Describes a particular error encountered while performing an operation.
properties:
id:
description: A unique identifier for this particular occurrence of the problem.
type: string
maxLength: 255
status:
description: The HTTP status code applicable to this problem, expressed as a string
value.
type: string
code:
description: An application-specific error code, expressed as a string value.
type: string
title:
description: A short, human-readable summary of the problem. It **SHOULD NOT** change
from occurrence to occurrence of the problem, except for purposes of localization.
type: string
detail:
description: A human-readable explanation specific to this occurrence of the problem.
type: string
source:
type: object
description: If this error was caused by a particular part of the API request, the
source will point to the query string parameter or request body property that caused
it.
properties:
pointer:
description: A JSON Pointer [RFC6901] to the associated entity in the request
document [e.g. "/spec" for a spec object, or "/spec/title" for a specific field].
type: string
parameter:
description: A string indicating which query parameter caused the error.
type: string
error_code:
type: integer
format: int32
message:
type: string
nullable: true
additionalProperties: false
title: Error
examples:
kafka_authorization_failed:
description: Thrown when the caller is not authorized to perform the underlying operation.
value:
error_code: 40301
message: Request is not authorized
'429':
description: Indicates that a rate limit threshold has been reached, and the client should retry
again later.
content:
text/html:
schema:
type: string
example:
description: A sample response from Jetty's DoSFilter.
value: <html> <head> <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
<title>Error 429 Too Many Requests</title> </head> <body> <h2>HTTP ERROR 429 Too Many
Requests</h2> <table> <tr> <th>URI:</th> <td>/v3/clusters/my-cluster</td> </tr> <tr>
<th>STATUS:</th> <td>429</td> </tr> <tr> <th>MESSAGE:</th> <td>Too Many Requests</td>
</tr> <tr> <th>SERVLET:</th> <td>default</td> </tr> </table> </body> </html>
5XX:
description: A server-side problem that might not be addressable from the client side. Retriable
Kafka errors will contain error code 50003 in the response body.
content:
application/json:
schema:
type: object
description: Describes a particular error encountered while performing an operation.
properties:
id:
description: A unique identifier for this particular occurrence of the problem.
type: string
maxLength: 255
status:
description: The HTTP status code applicable to this problem, expressed as a string
value.
type: string
code:
description: An application-specific error code, expressed as a string value.
type: string
title:
description: A short, human-readable summary of the problem. It **SHOULD NOT** change
from occurrence to occurrence of the problem, except for purposes of localization.
type: string
detail:
description: A human-readable explanation specific to this occurrence of the problem.
type: string
source:
type: object
description: If this error was caused by a particular part of the API request, the
source will point to the query string parameter or request body property that caused
it.
properties:
pointer:
description: A JSON Pointer [RFC6901] to the associated entity in the request
document [e.g. "/spec" for a spec object, or "/spec/title" for a specific field].
type: string
parameter:
description: A string indicating which query parameter caused the error.
type: string
error_code:
type: integer
format: int32
message:
type: string
nullable: true
additionalProperties: false
title: Error
examples:
generic_internal_server_error:
description: Thrown for generic HTTP 500 errors.
value:
error_code: 500
message: Internal Server Error
parameters:
- name: cluster_id
description: The Kafka cluster ID.
in: path
required: true
schema:
type: string
example: cluster-1
servers:
- url: https://pkc-00000.region.provider.confluent.cloud
x-audience: business-unit-internal
description: Confluent Cloud REST Endpoint. For example https://pkc-00000.region.provider.confluent.cloud
jsonRequestBodyExample:
resource_type: UNKNOWN
resource_name: string
pattern_type: UNKNOWN
principal: string
host: string
operation: UNKNOWN
permission: UNKNOWN