This topic describes how to integrate Kafka with Ranger and how to configure related
permissions.
Integrate Kafka with Ranger
- Enable Kafka in Ranger.
- Log on to the EMR console.
- In the top navigation bar, select the region where your cluster resides and select a resource group based on your business requirements.
- Click the Cluster Management tab.
- On the Cluster Management page, find your cluster and click Details in the Actions column.
- Select EnabledKafka from the Actions drop-down list in the upper-right corner.
- In the Cluster Activities dialog box that appears, set related parameters and click
OK.
Click History in the upper-right corner to view the task progress.
- Add the Kafka service on the web UI of Ranger.
- Log on to Ranger. For more information, see Overview.
- Add the Kafka service.
- Configure the Kafka service.

Parameter |
Description |
Service Name |
Set the value to emr-kafka.
|
Username |
Set the value to kafka.
|
Password |
Enter a custom value. |
Zookeeper Connect String |
Enter a value in the format of emr-header-1:2181/kafka-x.xx.
Note Set kafka-x.xx based on the actual Kafka version.
|
- Click Add.
- Restart the Kafka broker.
- In the left-side navigation pane, click Cluster Service and then Kafka.
- Select Restart Kafka Broker from the Actions drop-down list in the upper-right corner.
- In the Cluster Activities dialog box that appears, set related parameters and click
OK.
Click History in the upper-right corner to view the task progress.
Permission configuration example
After Kafka is integrated with Ranger, you can configure Kafka permissions in Ranger.
Notice In a standard cluster, Ranger generates the all - topic policy by default after the
Kafka service is added. This policy does not limit the permissions of users. It allows
all users to perform all operations. In this case, Ranger cannot control permissions
of users.
Take user test as an example. To grant the Publish permission to user test, follow
these steps:
- Click emr-kafka.
- Click Add New Policy in the upper-right corner.
- Configure required parameters.
- Click Add.
After the policy is created, authorization is completed. User test can write data
to the
test topic.
Note After you add, remove, or modify a policy, it can take up to one minute for the configuration
to take effect.