[KAFKA-1810] Add IP Filtering / Whitelists-Blacklists - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Resolved
Priority: Minor
Resolution: Won't Fix
Affects Version/s: None
Fix Version/s: None
Component/s: core, network, security
Labels:
None

Description

While longer-term goals of security in Kafka are on the roadmap there exists some value for the ability to restrict connection to Kafka brokers based on IP address. This is not intended as a replacement for security but more of a precaution against misconfiguration and to provide some level of control to Kafka administrators about who is reading/writing to their cluster.

1) In some organizations software administration vs o/s systems administration and network administration is disjointed and not well choreographed. Providing software administrators the ability to configure their platform relatively independently (after initial configuration) from Systems administrators is desirable.
2) Configuration and deployment is sometimes error prone and there are situations when test environments could erroneously read/write to production environments
3) An additional precaution against reading sensitive data is typically welcomed in most large enterprise deployments.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

KAFKA-1810.patch
08/Jan/15 17:01
33 kB
Jeff Holoman
KAFKA-1810_2015-03-15_01:13:12.patch
15/Mar/15 05:13
37 kB
Jeff Holoman
KAFKA-1810_2015-01-15_19:47:14.patch
16/Jan/15 00:47
49 kB
Jeff Holoman

Issue Links

is related to

KAFKA-1682 Security for Kafka

Open

KAFKA-1512 Limit the maximum number of connections per ip address

Resolved

Activity

People

Assignee:: Jeff Holoman

Reporter:: Jeff Holoman

Reviewer:: Gwen Shapira

Votes:: 0 Vote for this issue

Watchers:: 8 Start watching this issue

Dates

Created:: 08/Dec/14 17:56

Updated:: 10/Nov/15 18:59

Resolved:: 21/Apr/15 23:09