Uploaded image for project: 'Kafka'
  1. Kafka
  2. KAFKA-1810

Add IP Filtering / Whitelists-Blacklists

    Details

    • Type: New Feature
    • Status: Resolved
    • Priority: Minor
    • Resolution: Won't Fix
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: core, network, security
    • Labels:
      None

      Description

      While longer-term goals of security in Kafka are on the roadmap there exists some value for the ability to restrict connection to Kafka brokers based on IP address. This is not intended as a replacement for security but more of a precaution against misconfiguration and to provide some level of control to Kafka administrators about who is reading/writing to their cluster.

      1) In some organizations software administration vs o/s systems administration and network administration is disjointed and not well choreographed. Providing software administrators the ability to configure their platform relatively independently (after initial configuration) from Systems administrators is desirable.
      2) Configuration and deployment is sometimes error prone and there are situations when test environments could erroneously read/write to production environments
      3) An additional precaution against reading sensitive data is typically welcomed in most large enterprise deployments.

        Attachments

        1. KAFKA-1810.patch
          33 kB
          Jeff Holoman
        2. KAFKA-1810_2015-01-15_19:47:14.patch
          49 kB
          Jeff Holoman
        3. KAFKA-1810_2015-03-15_01:13:12.patch
          37 kB
          Jeff Holoman

          Issue Links

            Activity

              People

              • Assignee:
                jholoman Jeff Holoman
                Reporter:
                jholoman Jeff Holoman
                Reviewer:
                Gwen Shapira
              • Votes:
                0 Vote for this issue
                Watchers:
                8 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: