# Kafka principal name for this client, built from the certificate common name.
# NOTE(review): with TLS client authentication the broker normally takes the
# certificate's full subject DN as the principal unless
# ssl.principal.mapping.rules rewrites it. The ACLs built from this value only
# match if the authenticated principal is exactly "CN=<cert_common_name>";
# confirm against the broker configuration and how the certificates are issued.
locals {
  user_name = "CN=${var.cert_common_name}"
}
# Exposes the principal name (without the "User:" prefix) so callers can
# reference the identity that the ACLs in this module are bound to.
output "user_name" {
  description = "The name of the user permitted to consume/produce on the topic"
  value       = local.user_name
}
# One Allow/Read ACL per entry in var.consume_topics, bound to the certificate
# principal. toset() de-duplicates the list, so each topic yields one ACL.
# NOTE(review): var.acl_host is declared outside this file. If it is "*", the
# ACL applies from any client address and the certificate identity is the only
# restriction; confirm the value callers pass.
resource "kafka_acl" "topic_acl" {
  for_each = toset(var.consume_topics)

  acl_principal       = "User:${local.user_name}"
  acl_host            = var.acl_host
  acl_operation       = "Read"
  acl_permission_type = "Allow"

  resource_type = "Topic"
  # For a set, each.key and each.value are the same string.
  resource_name = each.key
}
# One Allow/Read ACL per entry in var.consume_groups, bound to the same
# certificate principal as the topic ACLs.
# NOTE(review): group names are taken verbatim from the caller. Keep the list
# to the groups this client actually uses rather than a shared or wildcard
# name, so it cannot join or commit offsets for another consumer's group.
resource "kafka_acl" "group_acl" {
  for_each = toset(var.consume_groups)

  acl_principal       = "User:${local.user_name}"
  acl_host            = var.acl_host
  acl_operation       = "Read"
  acl_permission_type = "Allow"

  resource_type = "Group"
  # For a set, each.key and each.value are the same string.
  resource_name = each.value
}
# One Allow/Write ACL per entry in var.produce_topics, bound to the certificate
# principal. Write access is granted separately from Read, so a topic listed
# only here is produce-only for this client.
# NOTE(review): these are Allow rules only. Whether topics without any ACL are
# denied depends on the broker (allow.everyone.if.no.acl.found); confirm it is
# not enabled if these ACLs are meant to be the full access boundary.
resource "kafka_acl" "producer_acl" {
  for_each = toset(var.produce_topics)

  acl_principal       = "User:${local.user_name}"
  acl_host            = var.acl_host
  acl_operation       = "Write"
  acl_permission_type = "Allow"

  resource_type = "Topic"
  # For a set, each.key and each.value are the same string.
  resource_name = each.value
}