confluent kafka acl create

Description

Create a Kafka ACL.

confluent kafka acl create [flags]

Flags

    --operations strings        REQUIRED: A comma-separated list of ACL operations: (alter, alter-configs, cluster-action, create, delete, describe, describe-configs, idempotent-write, read, write).
    --principal string          Principal for this operation, prefixed with "User:".
    --service-account string    The service account ID.
    --allow                     Access to the resource is allowed.
    --deny                      Access to the resource is denied.
    --cluster-scope             Modify ACLs for the cluster.
    --topic string              Modify ACLs for the specified topic resource.
    --consumer-group string     Modify ACLs for the specified consumer group resource.
    --transactional-id string   Modify ACLs for the specified TransactionalID resource.
    --prefix                    When this flag is set, the specified resource name is interpreted as a prefix.
    --cluster string            Kafka cluster ID.
    --context string            CLI context name.
    --environment string        Environment ID.
-o, --output string             Specify the output format as "human", "json", or "yaml". (default "human")

Global Flags

-h, --help            Show help for this command.
    --unsafe-trace    Equivalent to -vvvv, but also log HTTP requests and responses which may contain plaintext secrets.
-v, --verbose count   Increase verbosity (-v for warn, -vv for info, -vvv for debug, -vvvv for trace).

Examples

You can specify only one of the following flags per command invocation: --cluster-scope, --consumer-group, --topic, or --transactional-id. For example, for a consumer to read a topic, you need to grant “READ” and “DESCRIBE” both on the --consumer-group and the --topic resources, issuing two separate commands:

confluent kafka acl create --allow --service-account sa-55555 --operations READ,DESCRIBE --consumer-group java_example_group_1
confluent kafka acl create --allow --service-account sa-55555 --operations READ,DESCRIBE --topic "*"

See Also