Details
-
Improvement
-
Status: Open
-
Minor
-
Resolution: Unresolved
-
2.2.1
-
None
-
None
Description
Currently we are using the kafka-configs script to create SCRAM users in zookeeper. I execute the following command on the machine:
./kafka-configs --zookeeper ip-adres:2181 --alter --add-config 'SCRAM-SHA-256=[password=password]' --entity-type users --entity-name user123
I would like to create users dynamically via a Java api. Since it is not possible to create SCRAM users via the KafkaAdminApi (please confirm?), I am now using the Kafka Scala class 'AdminZkClient' to create users the same as way as the ConfigCommand currently does. It looks like the AdminZkClient doesn't provide a way to authenticate against zookeeper using SASL. I'm currently connecting to zookeeper without authentication and this is a security issue. Is it possible to connect with the AdminZkClient with SASL authentication?
I'm aware of issue KAFKA-5722 which is an improvement to use the AdminClient in the ConfigCommand class so this issue might be a duplicate but I would like to know if it is possible to authenticate using SASL with the AdminZkClient.
Thanks!
