KTKTK-HZ commented on code in PR #20084:
URL: https://github.com/apache/kafka/pull/20084#discussion_r2195090700
##########
docs/streams/developer-guide/security.html:
##########
@@ -70,6 +70,58 @@
the ACL set so that the application has the permissions to
create, read and write
<a class="reference internal"
href="manage-topics.html#streams-developer-guide-topics-internal"><span
class="std std-ref">internal topics</span></a>.</p>
+ <div class="admonition note">
+ <p class="first admonition-title">Note</p>
+ <p class="last">Starting with <a class="reference external"
href="https://cwiki.apache.org/confluence/display/KAFKA/KIP-1071%3A+Streams+Rebalance+Protocol";>KIP-1071</a>,
additional ACLs are required for the new Streams rebalance protocol:</p>
+ </div>
+
+ <table border="1" class="docutils">
+ <colgroup>
+ <col width="25%">
+ <col width="15%">
+ <col width="20%">
+ <col width="40%">
+ </colgroup>
+ <thead valign="bottom">
+ <tr class="row-odd"><th class="head">Operation (API)</th>
+ <th class="head">Permission</th>
+ <th class="head">Resource</th>
+ <th class="head">Notes</th>
+ </tr>
+ </thead>
+ <tbody valign="top">
+ <tr class="row-even">
+ <td>STREAMS_GROUP_HEARTBEAT</td>
+ <td>Read</td>
+ <td>Group</td>
+ <td>Required for the application's consumer group
(<code>${application.id}</code>)</td>
+ </tr>
+ <tr class="row-odd">
+ <td>STREAMS_GROUP_HEARTBEAT</td>
+ <td>DescribeConfigs</td>
Review Comment:
Thanks for the reminder.The document has been revised according to the
description in the new KIP.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
