UserService
A set of methods for managing Kafka users.
| Call | Description |
|---|---|
| Get | Returns the specified Kafka user. |
| List | Retrieves the list of Kafka users in the specified cluster. |
| Create | Creates a Kafka user in the specified cluster. |
| Update | Updates the specified Kafka user. |
| Delete | Deletes the specified Kafka user. |
| GrantPermission | Grants permission to the specified Kafka user. |
| RevokePermission | Revokes permission from the specified Kafka user. |
Calls UserService
Get
Returns the specified Kafka user.
To get the list of available Kafka users, make a List request.
rpc Get (GetUserRequest) returns (User)
GetUserRequest
| Field | Description |
|---|---|
| cluster_id | string Required. ID of the Apache Kafka® cluster the user belongs to. To get the cluster ID, make a ClusterService.List request. The maximum string length in characters is 50. |
| user_name | string Required. Name of the Kafka user to return. To get the name of the user, make a UserService.List request. The string length in characters must be 1-63. Value must match the regular expression [a-zA-Z0-9_]*. |
User
| Field | Description |
|---|---|
| name | string Name of the Kafka user. |
| cluster_id | string ID of the Apache Kafka® cluster the user belongs to. To get the Apache Kafka® cluster ID, make a ClusterService.List request. |
| permissions[] | Permission Set of permissions granted to this user. |
Permission
| Field | Description |
|---|---|
| topic_name | string Name or prefix-pattern with wildcard for the topic that the permission grants access to. To get the topic name, make a TopicService.List request. |
| role | enum AccessRole Access role type to grant to the user.
|
List
Retrieves the list of Kafka users in the specified cluster.
rpc List (ListUsersRequest) returns (ListUsersResponse)
ListUsersRequest
| Field | Description |
|---|---|
| cluster_id | string Required. ID of the Apache Kafka® cluster to list Kafka users in. To get the Apache Kafka® cluster ID, make a ClusterService.List request. The maximum string length in characters is 50. |
| page_size | int64 The maximum number of results per page to return. If the number of available results is larger than page_size, the service returns a ListUsersResponse.next_page_token that can be used to get the next page of results in subsequent list requests. The maximum value is 1000. |
| page_token | string Page token. To get the next page of results, set page_token to the ListUsersResponse.next_page_token returned by a previous list request. The maximum string length in characters is 100. |
ListUsersResponse
| Field | Description |
|---|---|
| users[] | User List of Kafka users. |
| next_page_token | string This token allows you to get the next page of results for list requests. If the number of results is larger than ListUsersRequest.page_size, use the next_page_token as the value for the ListUsersRequest.page_token parameter in the next list request. Each subsequent list request will have its own next_page_token to continue paging through the results. |
User
| Field | Description |
|---|---|
| name | string Name of the Kafka user. |
| cluster_id | string ID of the Apache Kafka® cluster the user belongs to. To get the Apache Kafka® cluster ID, make a ClusterService.List request. |
| permissions[] | Permission Set of permissions granted to this user. |
Permission
| Field | Description |
|---|---|
| topic_name | string Name or prefix-pattern with wildcard for the topic that the permission grants access to. To get the topic name, make a TopicService.List request. |
| role | enum AccessRole Access role type to grant to the user.
|
Create
Creates a Kafka user in the specified cluster.
rpc Create (CreateUserRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:CreateUserMetadata
Operation.response:User
CreateUserRequest
| Field | Description |
|---|---|
| cluster_id | string Required. ID of the Apache Kafka® cluster to create a user in. To get the cluster ID, make a ClusterService.List request. The maximum string length in characters is 50. |
| user_spec | UserSpec Required. Configuration of the user to create. |
UserSpec
| Field | Description |
|---|---|
| name | string Required. Name of the Kafka user. The string length in characters must be 1-63. Value must match the regular expression [a-zA-Z0-9_]*. |
| password | string Required. Password of the Kafka user. The string length in characters must be 8-128. |
| permissions[] | Permission Set of permissions granted to the user. |
Permission
| Field | Description |
|---|---|
| topic_name | string Name or prefix-pattern with wildcard for the topic that the permission grants access to. To get the topic name, make a TopicService.List request. |
| role | enum AccessRole Access role type to grant to the user.
|
Operation
| Field | Description |
|---|---|
| id | string ID of the operation. |
| description | string Description of the operation. 0-256 characters long. |
| created_at | google.protobuf.Timestamp Creation timestamp. |
| created_by | string ID of the user or service account who initiated the operation. |
| modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
| done | bool If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available. |
| metadata | google.protobuf.Any<CreateUserMetadata> Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
| result | oneof: error or responseThe operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set. |
| error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
| response | google.protobuf.Any<User> if operation finished successfully. |
CreateUserMetadata
| Field | Description |
|---|---|
| cluster_id | string ID of the Apache Kafka® cluster the user is being created in. |
| user_name | string Name of the user that is being created. |
User
| Field | Description |
|---|---|
| name | string Name of the Kafka user. |
| cluster_id | string ID of the Apache Kafka® cluster the user belongs to. To get the Apache Kafka® cluster ID, make a ClusterService.List request. |
| permissions[] | Permission Set of permissions granted to this user. |
Permission
| Field | Description |
|---|---|
| topic_name | string Name or prefix-pattern with wildcard for the topic that the permission grants access to. To get the topic name, make a TopicService.List request. |
| role | enum AccessRole Access role type to grant to the user.
|
Update
Updates the specified Kafka user.
rpc Update (UpdateUserRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:UpdateUserMetadata
Operation.response:User
UpdateUserRequest
| Field | Description |
|---|---|
| cluster_id | string Required. ID of the Apache Kafka® cluster the user belongs to. To get the cluster ID, make a ClusterService.List request. The maximum string length in characters is 50. |
| user_name | string Required. Name of the user to be updated. To get the name of the user, make a UserService.List request. The string length in characters must be 1-63. Value must match the regular expression [a-zA-Z0-9_]*. |
| update_mask | google.protobuf.FieldMask |
| password | string New password for the user. The string length in characters must be 8-128. |
| permissions[] | Permission New set of permissions for the user. |
Permission
| Field | Description |
|---|---|
| topic_name | string Name or prefix-pattern with wildcard for the topic that the permission grants access to. To get the topic name, make a TopicService.List request. |
| role | enum AccessRole Access role type to grant to the user.
|
Operation
| Field | Description |
|---|---|
| id | string ID of the operation. |
| description | string Description of the operation. 0-256 characters long. |
| created_at | google.protobuf.Timestamp Creation timestamp. |
| created_by | string ID of the user or service account who initiated the operation. |
| modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
| done | bool If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available. |
| metadata | google.protobuf.Any<UpdateUserMetadata> Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
| result | oneof: error or responseThe operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set. |
| error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
| response | google.protobuf.Any<User> if operation finished successfully. |
UpdateUserMetadata
| Field | Description |
|---|---|
| cluster_id | string ID of the Apache Kafka® cluster the user belongs to. |
| user_name | string Name of the user that is being updated. |
User
| Field | Description |
|---|---|
| name | string Name of the Kafka user. |
| cluster_id | string ID of the Apache Kafka® cluster the user belongs to. To get the Apache Kafka® cluster ID, make a ClusterService.List request. |
| permissions[] | Permission Set of permissions granted to this user. |
Permission
| Field | Description |
|---|---|
| topic_name | string Name or prefix-pattern with wildcard for the topic that the permission grants access to. To get the topic name, make a TopicService.List request. |
| role | enum AccessRole Access role type to grant to the user.
|
Delete
Deletes the specified Kafka user.
rpc Delete (DeleteUserRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:DeleteUserMetadata
Operation.response:google.protobuf.Empty
DeleteUserRequest
| Field | Description |
|---|---|
| cluster_id | string Required. ID of the Apache Kafka® cluster the user belongs to. To get the cluster ID, make a ClusterService.List request. The maximum string length in characters is 50. |
| user_name | string Required. Name of the user to delete. To get the name of the user, make a UserService.List request. The string length in characters must be 1-63. Value must match the regular expression [a-zA-Z0-9_]*. |
Operation
| Field | Description |
|---|---|
| id | string ID of the operation. |
| description | string Description of the operation. 0-256 characters long. |
| created_at | google.protobuf.Timestamp Creation timestamp. |
| created_by | string ID of the user or service account who initiated the operation. |
| modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
| done | bool If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available. |
| metadata | google.protobuf.Any<DeleteUserMetadata> Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
| result | oneof: error or responseThe operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set. |
| error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
| response | google.protobuf.Any<google.protobuf.Empty> if operation finished successfully. |
DeleteUserMetadata
| Field | Description |
|---|---|
| cluster_id | string ID of the Apache Kafka® cluster the user belongs to. |
| user_name | string Name of the user that is being deleted. |
GrantPermission
Grants permission to the specified Kafka user.
rpc GrantPermission (GrantUserPermissionRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:GrantUserPermissionMetadata
Operation.response:User
GrantUserPermissionRequest
| Field | Description |
|---|---|
| cluster_id | string Required. ID of the Apache Kafka® cluster the user belongs to. To get the cluster ID, make a ClusterService.List request. The maximum string length in characters is 50. |
| user_name | string Required. Name of the user to grant the permission to. To get the name of the user, make a UserService.List request. The string length in characters must be 1-63. Value must match the regular expression [a-zA-Z0-9_]*. |
| permission | Permission Required. Permission that should be granted to the specified user. |
Permission
| Field | Description |
|---|---|
| topic_name | string Name or prefix-pattern with wildcard for the topic that the permission grants access to. To get the topic name, make a TopicService.List request. |
| role | enum AccessRole Access role type to grant to the user.
|
Operation
| Field | Description |
|---|---|
| id | string ID of the operation. |
| description | string Description of the operation. 0-256 characters long. |
| created_at | google.protobuf.Timestamp Creation timestamp. |
| created_by | string ID of the user or service account who initiated the operation. |
| modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
| done | bool If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available. |
| metadata | google.protobuf.Any<GrantUserPermissionMetadata> Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
| result | oneof: error or responseThe operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set. |
| error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
| response | google.protobuf.Any<User> if operation finished successfully. |
GrantUserPermissionMetadata
| Field | Description |
|---|---|
| cluster_id | string ID of the Apache Kafka® cluster the user belongs to. To get the cluster ID, make a ClusterService.List request. |
| user_name | string Name of the user that is being granted a permission. |
User
| Field | Description |
|---|---|
| name | string Name of the Kafka user. |
| cluster_id | string ID of the Apache Kafka® cluster the user belongs to. To get the Apache Kafka® cluster ID, make a ClusterService.List request. |
| permissions[] | Permission Set of permissions granted to this user. |
Permission
| Field | Description |
|---|---|
| topic_name | string Name or prefix-pattern with wildcard for the topic that the permission grants access to. To get the topic name, make a TopicService.List request. |
| role | enum AccessRole Access role type to grant to the user.
|
RevokePermission
Revokes permission from the specified Kafka user.
rpc RevokePermission (RevokeUserPermissionRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:RevokeUserPermissionMetadata
Operation.response:User
RevokeUserPermissionRequest
| Field | Description |
|---|---|
| cluster_id | string Required. ID of the Apache Kafka® cluster the user belongs to. To get the cluster ID, make a ClusterService.List request. The maximum string length in characters is 50. |
| user_name | string Required. Name of the user to revoke a permission from. To get the name of the user, make a UserService.List request. The string length in characters must be 1-63. Value must match the regular expression [a-zA-Z0-9_]*. |
| permission | Permission Required. Permission that should be revoked from the specified user. |
Permission
| Field | Description |
|---|---|
| topic_name | string Name or prefix-pattern with wildcard for the topic that the permission grants access to. To get the topic name, make a TopicService.List request. |
| role | enum AccessRole Access role type to grant to the user.
|
Operation
| Field | Description |
|---|---|
| id | string ID of the operation. |
| description | string Description of the operation. 0-256 characters long. |
| created_at | google.protobuf.Timestamp Creation timestamp. |
| created_by | string ID of the user or service account who initiated the operation. |
| modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
| done | bool If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available. |
| metadata | google.protobuf.Any<RevokeUserPermissionMetadata> Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
| result | oneof: error or responseThe operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set. |
| error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
| response | google.protobuf.Any<User> if operation finished successfully. |
RevokeUserPermissionMetadata
| Field | Description |
|---|---|
| cluster_id | string ID of the Apache Kafka® cluster the user belongs to. |
| user_name | string Name of the user whose permission is being revoked. |
User
| Field | Description |
|---|---|
| name | string Name of the Kafka user. |
| cluster_id | string ID of the Apache Kafka® cluster the user belongs to. To get the Apache Kafka® cluster ID, make a ClusterService.List request. |
| permissions[] | Permission Set of permissions granted to this user. |
Permission
| Field | Description |
|---|---|
| topic_name | string Name or prefix-pattern with wildcard for the topic that the permission grants access to. To get the topic name, make a TopicService.List request. |
| role | enum AccessRole Access role type to grant to the user.
|