+1. It's a little odd that we are still left with the anomalous cluster permission for ListGroups. You mention in the rejected alternatives that reducing permissions would make it impossible for admins to list groups, but I'm not sure why that would be the case. Wouldn't a wildcard group describe permission enable that? That said, it's probably better to keep the old permission for backwards compatibility.
-Jason On Mon, Jan 22, 2018 at 11:07 AM, Vahid S Hashemian < vahidhashem...@us.ibm.com> wrote: > And this one requires two more binding +1's :) > > Thanks. > > > > From: Ewen Cheslack-Postava <e...@confluent.io> > To: dev@kafka.apache.org > Date: 01/02/2018 09:50 PM > Subject: Re: [VOTE] KIP-231: Improve the Required ACL of ListGroups > API > > > > +1 (binding) > > Thanks for the KIP Vahid, nice improvement! > > -Ewen > > On Tue, Dec 19, 2017 at 11:30 AM, Vahid S Hashemian < > vahidhashem...@us.ibm.com> wrote: > > > I believe the concerns on this KIP have been addressed so far. > > Therefore, I'd like to start a vote. > > > > > https://urldefense.proofpoint.com/v2/url?u=https-3A__cwiki. > apache.org_confluence_display_KAFKA_KIP-2D&d=DwIBaQ&c=jf_ > iaSHvJObTbx-siA1ZOg&r=Q_itwloTQj3_xUKl7Nzswo6KE4Nj-kjJc7uSVcviKUc&m= > qA7xTKn3gB0jf1lj1AQ3oFqsUZ9YooTz69QNqRGMs00&s= > JNhAeUvZiILPhLdH011wge0zOn5TYMCpVHu2WoXefN8&e= > > > 231%3A+Improve+the+Required+ACL+of+ListGroups+API > > > > Thanks. > > --Vahid > > > > > > > > >
