Skip to content

Commit c8edf06

Browse files
vlastahajekbednar
vlastahajek
authored and
bednar
committed
feat: nww kafka sasl oauth params
1 parent 2b6efa8 commit c8edf06

File tree

1 file changed

+45
-3
lines changed
  • content/kapacitor/v1/reference/event_handlers

1 file changed

+45
-3
lines changed

content/kapacitor/v1/reference/event_handlers/kafka.md

Lines changed: 45 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -37,6 +37,7 @@ Below is an example configuration:
3737
# Optional SASL configuration
3838
sasl-username = "xxxxx"
3939
sasl-password = "xxxxxxxx"
40+
sasl-extensions = {}
4041
sasl-mechanism = ""
4142
sasl-version = ""
4243
# Use if sasl-mechanism is GSSAPI. GSSAPI is for organizations using Kerberos.
@@ -46,7 +47,16 @@ Below is an example configuration:
4647
sasl-gssapi-kerberos-config-path = "/"
4748
sasl-gssapi-key-tab-path = ""
4849
sasl-gssapi-realm = "realm"
49-
# Use if sasl-mechanism is `OAUTHBEARER` (experimental).
50+
# Options if sasl-mechanism is OAUTHBEARER
51+
sasl-oauth-service = "auth0"
52+
sasl-oauth-client-id = "xxxxxxx"
53+
sasl-oauth-client-secret = "xxxxxxxx"
54+
sasl-oauth-token-url = "dedicated-auth0-token-url"
55+
sasl-oauth-token-expiry-margin = "10s"
56+
sasl-oauth-scopes = ""
57+
sasl-oauth-tenant-id = ""
58+
[kafka.sasl-oauth-parameters]
59+
audience = "development"
5060
sasl-access-token = ""
5161

5262
```
@@ -102,8 +112,11 @@ Username to use for SASL authentication.
102112
#### sasl-password
103113
Password to use for SASL authentication.
104114

115+
### sasl-extensions
116+
Arbitrary key value string pairs to pass as a TOML table
117+
105118
#### sasl-mechanism
106-
SASL mechanism type. Options include `GSSAPI`, `OAUTHBEARER`, `PLAIN`.
119+
SASL mechanism type. Options include `GSSAPI`, `OAUTHBEARER`, `PLAIN`, `SCRAM-SHA-256`, `SCRAM-SHA-512`.
107120

108121
#### sasl-version
109122
SASL protocol version.
@@ -126,8 +139,37 @@ Path to the Kerberos key tab.
126139
#### sasl-gssapi-realm
127140
Default Kerberos realm.
128141

142+
### Options if sasl-mechanism is OAUTHBEARER
143+
#### sasl-oauth-service
144+
The service name to use when authenticating with SASL/OAUTH.
145+
One of:
146+
- `""` (empty) or `custom`
147+
- `auth0`
148+
- `azuread`
149+
150+
#### sasl-oauth-client-id
151+
The client ID to use when authenticating with SASL/OAUTH.
152+
153+
#### sasl-oauth-client-secret
154+
The client secret to use when authenticating with SASL/OAUTH.
155+
156+
#### sasl-oauth-token-url
157+
The token URL to use when sasl-oauth-service is `custom` or `auth0`. Leave empty otherwise.
158+
159+
#### sasl-oauth-token-expiry-margin
160+
The expiry margin for the token.
161+
162+
#### sasl-oauth-scopes
163+
Optional scopes to use when authenticating with SASL/OAUTH.
164+
165+
#### sasl-oauth-tenant-id
166+
Tenant ID for the AzureAD service.
167+
168+
#### [kafka.sasl-oauth-parameters]
169+
The optional key/value params for SASL/OAUTH. e.g. audience for AUTH0
170+
129171
#### sasl-access-token
130-
Used if the SASL mechanism is `OAUTHBEARER` (experimental).
172+
Static OAUTH token. Use this instead of other OAUTH params.
131173

132174
## Options
133175
The following Kafka event handler options can be set in a

0 commit comments

Comments
 (0)