13.2.19.6. superUsers
被视为超级用户的用户主体列表,以便始终允许他们而无需查询 open Policy Agent 策略。如需更多信息,请参阅 Kafka 授权。
Open Policy Agent 授权器配置示例
apiVersion: kafka.strimzi.io/v1beta2
kind: Kafka
metadata:
name: my-cluster
namespace: myproject
spec:
kafka:
# ...
authorization:
type: opa
url: http://opa:8181/v1/data/kafka/allow
allowOnError: false
initialCacheCapacity: 1000
maximumCacheSize: 10000
expireAfterMs: 60000
superUsers:
- CN=fred
- sam
- CN=edward
# ...