Reputation: 11
Kafka GroupAuthorizationException while trying to consume a topic
We are facing an issue of GroupAuthorizationException while consuming on a Kafka topic.
In the logs, I could see it is referring to a default consumer group.
Here is my kafkauser CR who has group defined as happy-user-consumer-group:
apiVersion: kafka.strimzi.io/v1beta1
kind: KafkaUser
metadata:
name: happy-user-consumer
labels:
strimzi.io/cluster: cluster1
spec:
authentication:
type: tls
authorization:
type: simple
acls:
- resource:
type: topic
name: happy-topic
patternType: literal
operation: Read
host: "*"
- resource:
type: topic
name: happy-topic
patternType: literal
operation: Describe
host: "*"
- resource:
type: group
name: happy-user-consumer-group
patternType: literal
operation: Read
host: "*"
Error: org.apache.kafka.common.errors.GroupAuthorizationException: Not authorized to access group: console-consumer-4369
I am not sure where is it pointing to the console-consumer group.
Also, with the below script, I am not able to list the consumer groups. Do we have any other way to see the list of consumer groups?
./bin/kafka-consumer-groups.sh --bootstrap-server kafka.viswa.com:9094 --command-config /tmp/prod/consumer.properties --list
Need help here.
Upvotes: 1
Views: 12304
Answers (1)
Reputation: 103
The cli command you are using is correct. Maybe you don't have consumer groups to list?
So how are you consuming from the topic? Also by cli? Then you could use the script like this
./bin/kafka-console-consumer.sh --topic happy-topic --from-beginning --group happy-user-consumer-group --bootstrap-server kafka.viswa.com:9094 --command-config /tmp/prod/consumer.properties
to force the consumer using a certain consumer-group name. That one would be the one you authorized in your kafkauser CR. When you don't specify the --group Kafka is using a default group name, console-consumer-4369 in your case.
Hope this helps you, I would appreciate your feedback.
Good luck, Stephan
Upvotes: 4
Related Questions
- kafka-consumer-groups command issue
- Kafka consumer group id sharing issue
- Kafka Stream Exception: GroupAuthorizationException
- Kafka stream: "TopicAuthorizationException: Not authorized to access topics" for an internal state store
- Kafka consumer group does not exist while trying to retrieve detail about group
- Kafka producer/consuper Topic not authorized
- How to handle Not authorized to access topic ... in Kafka Streams
- Kafka Consumer from different group consuming from different partition of Topic
- Kafka TOPIC_AUTHORIZATION_FAILED
- Exception when consuming message from kafka