Skip to content

Latest commit



229 lines (185 loc) · 8.04 KB

File metadata and controls

229 lines (185 loc) · 8.04 KB

Contributors Forks Stargazers Issues MIT License LinkedIn

Kafka ACL Report

Kafka ACL Report - Description
Explore the docs »

View Demo · Report Bug · Request Feature

Table of Contents

  1. About The Project
  2. Getting Started
  3. Usage
  4. Roadmap
  5. Contributing
  6. License
  7. Contact
  8. Acknowledgements

About The Project

Apache Kafka ACL lack a mean to provide a mean to list ACLs associated to a Principal with kafka-acls commands (KIP-357)

The provide a temporary solution for now.

Built With

  • BASH

Getting Started

To get a local copy up and running follow these simple steps.


  • Linux bash
  • or kafka-acls - if to be executed through shell pipe
  • Output of or kafka-acls - if using a filename or STDIN (with cat )


  1. Clone the repo to the location of your choice
cd <clone-parent-path-dir>
git clone
  1. Check the executable permission of the script
cd <clone-parent-path-dir>/kafka-acl-report
ls -la bin/

Script should have - at least - the executable permission for the owner.

-rwxr-xr-x 1 user 197609 4277 Sep 30 03:05


The script is taking a principal as input and either a filename or reading STDIN

Usage: -p <principal> [ -f <filename> ]
 -p <principal>       (mandatory) The PRINCIPAL (case sensitive) you are looking to report on
 -f <filename>       (optional)  A file containing the output of the kafka-acls command
                                  If filename is not present, the script will read from STDIN

Show usage

cd <clone-parent-path-dir>/kafka-acl-report
./kafka-acl-report/bin/ -h

Example from sample directory

Principal with GROUP ACLs (username1)

cd <clone-parent-path-dir>/kafka-acl-report
cat ../sample/small.acls | ./kafka-acl-report/bin/ -u username1
The ACL for USER username1 are ...
   On GROUP group2 (LITERAL) has ALL ALLOW from HOST *

Principal with READ (LITERAL) ACLs on a TOPIC (username2)

cd <clone-parent-path-dir>/kafka-acl-report
cat ../sample/small.acls | ./kafka-acl-report/bin/ -u username2
The ACL for USER username2 are ...
   On TOPIC topic2 (LITERAL) has READ ALLOW from HOST *

Principal with WRITE (PREFIXED) ACLs on a TOPIC (username3)

cd <clone-parent-path-dir>/kafka-acl-report
cat ../sample/small.acls | ./kafka-acl-report/bin/ -u username3
The ACL for USER username3 are ...
   On TOPIC topic3 (PREFIXED) has WRITE ALLOW from HOST *

Principal with READ (PREFIXED) ACLs on a TOPIC (username4)

cd <clone-parent-path-dir>/kafka-acl-report
cat ../sample/small.acls | ./kafka-acl-report/bin/ -u username4
The ACL for USER username4 are ...
   On TOPIC topic3 (PREFIXED) has WRITE ALLOW from HOST *

Principal with no ACLs found (username)

cd <clone-parent-path-dir>/kafka-acl-report
cat ../sample/small.acls | ./kafka-acl-report/bin/ -u username
The ACL for USER username are ...


See the open issues for a list of proposed features (and known issues).


Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.

  1. Fork the Project
  2. Create your Feature Branch (git checkout -b feature/AmazingFeature)
  3. Commit your Changes (git commit -m 'Add some AmazingFeature')
  4. Push to the Branch (git push origin feature/AmazingFeature)
  5. Open a Pull Request


Distributed under the MIT License. See LICENSE for more information.




If you like the tool and want to support the code, you can pay me a coke ...