Untitled

avatar
unknown
plain_text
10 months ago
2.1 kB
6
Indexable
#!/bin/bash

# Source and target Kafka cluster bootstrap servers
SOURCE_BOOTSTRAP_SERVER="source-cluster:9092"
TARGET_BOOTSTRAP_SERVER="target-cluster:9092"

# Temporary file to store ACLs
ACL_FILE="/tmp/kafka_acls.txt"

# Step 1: List all ACLs from the source cluster
echo "Fetching ACLs from the source cluster..."
kafka-acls.sh --bootstrap-server $SOURCE_BOOTSTRAP_SERVER --list > $ACL_FILE

# Check if the ACL file was created successfully
if [ ! -f "$ACL_FILE" ]; then
  echo "Failed to fetch ACLs from the source cluster."
  exit 1
fi

echo "ACLs fetched successfully and stored in $ACL_FILE."

# Step 2: Apply ACLs to the target cluster
echo "Applying ACLs to the target cluster..."
while read -r acl; do
  # Skip empty lines or headers
  if [[ -z "$acl" || "$acl" == "Current ACLs for resource"* ]]; then
    continue
  fi

  # Extract resource type, resource name, principal, operation, and permission type
  if [[ "$acl" =~ Resource:\ ([^,]+),\ Principal:\ ([^,]+),\ Operation:\ ([^,]+),\ PermissionType:\ ([^,]+) ]]; then
    resource_full=$(echo "${BASH_REMATCH[1]}" | tr -d '`') # Remove backticks if present
    principal=$(echo "${BASH_REMATCH[2]}" | awk -F':' '{print $2}')
    operation=$(echo "${BASH_REMATCH[3]}")
    permission_type=$(echo "${BASH_REMATCH[4]}")

    # Extract resource type and resource name
    if [[ "$resource_full" =~ ^(Topic|Group|Cluster|TransactionalId|DelegationToken)-(.+)$ ]]; then
      resource_type=$(echo "${BASH_REMATCH[1]}")
      resource_name=$(echo "${BASH_REMATCH[2]}")
    else
      echo "Skipping malformed resource: $resource_full"
      continue
    fi

    # Construct the kafka-acls.sh command to add the ACL
    echo "Adding ACL for Principal:$principal on $resource_type:$resource_name with $operation ($permission_type)..."
    kafka-acls.sh --bootstrap-server $TARGET_BOOTSTRAP_SERVER --add \
      --$resource_type "$resource_name" \
      --allow-principal "User:$principal" \
      --operation "$operation" \
      --$permission_type
  else
    echo "Skipping malformed ACL: $acl"
  fi
done < $ACL_FILE

# Clean up
rm -f $ACL_FILE

echo "ACL copy process completed."
Editor is loading...
Leave a Comment