ApsaraMQ for Kafka V2 Professional Edition instances provide the access control list (ACL) feature. After you enable the feature for an instance, you can authorize a Simple Authentication and Security Layer (SASL) user to access the instance by using the SASL endpoint.
Prerequisites
The instance is an ApsaraMQ for Kafka V2 Professional Edition instance.
The instance is in the Running state.
The major version of the instance is 2.2.0 or later. For information about how to upgrade the major version, see Upgrade the version of an instance.
The minor version of the instance is the latest. For information about how to update the minor version, see Upgrade instance versions.
Procedure
Log on to the ApsaraMQ for Kafka console.
In the Resource Distribution section of the Overview page, select the region where the ApsaraMQ for Kafka instance that you want to manage resides.
On the Instances page, click the name of the instance that you want to manage.
On the Instance Details page, click Enable ACL in the upper-right corner of the Overview section.
In the Note message, click OK. Then, refresh the Instance Details page.
After you refresh the Instance Details page, the value of the Status parameter in the Basic Information section is displayed as Upgrading. When the value of the Status parameter becomes Running, ACL is enabled.
NoteYou can enable ACL for an ApsaraMQ for Kafka instance only after the version of the instance is upgraded. After you enable ACL for an ApsaraMQ for Kafka instance, you can create and authorize a SASL user in the ApsaraMQ for Kafka console to access the instance by using the SASL endpoint. A version upgrade may require 15 to 20 minutes to complete. For more information, see Create a SASL user.
You can also enable ACL for an ApsaraMQ for Kafka instance when you deploy the instance.