-
|
Hi, I am doing a POC integrating AKHQ with an IDP provider, and it's working fine so far, apart from 1 requirement we need: we handle authentication of several users from several groups, and we want to expose only a subset of the configured connections (friendly cluster names, which appear on left menu) for all users. If I understood it, this has been identified here. Reading this doc I assumed regex patterns could be used for that (via Also the clusters regex used in this example do not relate to cluster friendly names, so I guess I was not right in my assumption. Here is an example of my config, could you please verify and advise? I am using release 0.24.0. akhq:
security:
groups:
limited-reader-a:
- role: topic-read
clusters: ["cla.*"]
- role: topic-data-read
clusters: ["cla.*"]
- role: node-read
clusters: ["cla.*"]
- role: consumer-read
clusters: ["cla.*"]
limited-reader-b:
- role: topic-read
clusters: ["clb.*"]
- role: topic-data-read
clusters: ["clb.*"]
- role: node-read
clusters: ["clb.*"]
- role: consumer-read
clusters: ["clb.*"]
connections:
cla-dev:
properties:
bootstrap.servers: "kafka:9091"
...
cla-e2e:
properties:
bootstrap.servers: "kafka:9092"
...
clb-dev:
properties:
bootstrap.servers: "kafka:9093"Also tried using the akhq:
security:
groups:
limited-reader-a:
roles:
- topic/read
- node/read
- topic/data/read
- group/read
- registry/read
- acls/read
- connect/read
clusters: ["cla.*"]
Thanks in advance |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
Never mind, I see the changes from AkhqController never made it to the jar I pulled so I will override it with the new code. |
Beta Was this translation helpful? Give feedback.
Never mind, I see the changes from AkhqController never made it to the jar I pulled so I will override it with the new code.