UserService

Written by

Calls UserService
Get
List
Create
Update
Delete
GrantPermission
RevokePermission

A set of methods for managing Kafka users.

Call	Description
Get	Returns the specified Kafka user.
List	Retrieves the list of Kafka users in the specified cluster.
Create	Creates a Kafka user in the specified cluster.
Update	Updates the specified Kafka user.
Delete	Deletes the specified Kafka user.
GrantPermission	Grants permission to the specified Kafka user.
RevokePermission	Revokes permission from the specified Kafka user.

Calls UserService

Get

Returns the specified Kafka user.
To get the list of available Kafka users, make a List request.

rpc Get (GetUserRequest) returns (User)

GetUserRequest

Field	Description
cluster_id	string Required. ID of the Apache Kafka® cluster the user belongs to. To get the cluster ID, make a ClusterService.List request. The maximum string length in characters is 50.
user_name	string Required. Name of the Kafka user to return. To get the name of the user, make a UserService.List request. The string length in characters must be 1-63. Value must match the regular expression `[a-zA-Z0-9_]*`.

User

Field	Description
name	string Name of the Kafka user.
cluster_id	string ID of the Apache Kafka® cluster the user belongs to. To get the Apache Kafka® cluster ID, make a ClusterService.List request.
permissions[]	Permission Set of permissions granted to this user.

Permission

Field	Description
topic_name	string Name or prefix-pattern with wildcard for the topic that the permission grants access to. To get the topic name, make a TopicService.List request.
role	enum AccessRole Access role type to grant to the user. `ACCESS_ROLE_PRODUCER`: producer role for the user. `ACCESS_ROLE_CONSUMER`: consumer role for the user. `ACCESS_ROLE_ADMIN`: admin role for the user.

List

Retrieves the list of Kafka users in the specified cluster.

rpc List (ListUsersRequest) returns (ListUsersResponse)

ListUsersRequest

Field	Description
cluster_id	string Required. ID of the Apache Kafka® cluster to list Kafka users in. To get the Apache Kafka® cluster ID, make a ClusterService.List request. The maximum string length in characters is 50.
page_size	int64 The maximum number of results per page to return. If the number of available results is larger than `page_size`, the service returns a ListUsersResponse.next_page_token that can be used to get the next page of results in subsequent list requests. The maximum value is 1000.
page_token	string Page token. To get the next page of results, set `page_token` to the ListUsersResponse.next_page_token returned by a previous list request. The maximum string length in characters is 100.

ListUsersResponse

Field	Description
users[]	User List of Kafka users.
next_page_token	string This token allows you to get the next page of results for list requests. If the number of results is larger than ListUsersRequest.page_size, use the `next_page_token` as the value for the ListUsersRequest.page_token parameter in the next list request. Each subsequent list request will have its own `next_page_token` to continue paging through the results.

User

Field	Description
name	string Name of the Kafka user.
cluster_id	string ID of the Apache Kafka® cluster the user belongs to. To get the Apache Kafka® cluster ID, make a ClusterService.List request.
permissions[]	Permission Set of permissions granted to this user.

Permission

Field	Description
topic_name	string Name or prefix-pattern with wildcard for the topic that the permission grants access to. To get the topic name, make a TopicService.List request.
role	enum AccessRole Access role type to grant to the user. `ACCESS_ROLE_PRODUCER`: producer role for the user. `ACCESS_ROLE_CONSUMER`: consumer role for the user. `ACCESS_ROLE_ADMIN`: admin role for the user.

Create

Creates a Kafka user in the specified cluster.

rpc Create (CreateUserRequest) returns (operation.Operation)

Metadata and response of Operation:

Operation.metadata:CreateUserMetadata

Operation.response:User

CreateUserRequest

Field	Description
cluster_id	string Required. ID of the Apache Kafka® cluster to create a user in. To get the cluster ID, make a ClusterService.List request. The maximum string length in characters is 50.
user_spec	UserSpec Required. Configuration of the user to create.

UserSpec

Field	Description
name	string Required. Name of the Kafka user. The string length in characters must be 1-256. Value must match the regular expression `[a-zA-Z0-9_]*`.
password	string Required. Password of the Kafka user. The string length in characters must be 8-128.
permissions[]	Permission Set of permissions granted to the user.

Permission

Field	Description
topic_name	string Name or prefix-pattern with wildcard for the topic that the permission grants access to. To get the topic name, make a TopicService.List request.
role	enum AccessRole Access role type to grant to the user. `ACCESS_ROLE_PRODUCER`: producer role for the user. `ACCESS_ROLE_CONSUMER`: consumer role for the user. `ACCESS_ROLE_ADMIN`: admin role for the user.

Operation

Field	Description
id	string ID of the operation.
description	string Description of the operation. 0-256 characters long.
created_at	google.protobuf.Timestamp Creation timestamp.
created_by	string ID of the user or service account who initiated the operation.
modified_at	google.protobuf.Timestamp The time when the Operation resource was last modified.
done	bool If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
metadata	google.protobuf.Any<CreateUserMetadata> Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
result	oneof: `error` or `response` The operation result. If `done == false` and there was no failure detected, neither `error` nor `response` is set. If `done == false` and there was a failure detected, `error` is set. If `done == true`, exactly one of `error` or `response` is set.
error	google.rpc.Status The error result of the operation in case of failure or cancellation.
response	google.protobuf.Any<User> if operation finished successfully.

CreateUserMetadata

Field	Description
cluster_id	string ID of the Apache Kafka® cluster the user is being created in.
user_name	string Name of the user that is being created.

User

Field	Description
name	string Name of the Kafka user.
cluster_id	string ID of the Apache Kafka® cluster the user belongs to. To get the Apache Kafka® cluster ID, make a ClusterService.List request.
permissions[]	Permission Set of permissions granted to this user.

Permission

Field	Description
topic_name	string Name or prefix-pattern with wildcard for the topic that the permission grants access to. To get the topic name, make a TopicService.List request.
role	enum AccessRole Access role type to grant to the user. `ACCESS_ROLE_PRODUCER`: producer role for the user. `ACCESS_ROLE_CONSUMER`: consumer role for the user. `ACCESS_ROLE_ADMIN`: admin role for the user.

Update

Updates the specified Kafka user.

rpc Update (UpdateUserRequest) returns (operation.Operation)

Metadata and response of Operation:

Operation.metadata:UpdateUserMetadata

Operation.response:User

UpdateUserRequest

Field	Description
cluster_id	string Required. ID of the Apache Kafka® cluster the user belongs to. To get the cluster ID, make a ClusterService.List request. The maximum string length in characters is 50.
user_name	string Required. Name of the user to be updated. To get the name of the user, make a UserService.List request. The string length in characters must be 1-63. Value must match the regular expression `[a-zA-Z0-9_]*`.
update_mask	google.protobuf.FieldMask
password	string New password for the user. The string length in characters must be 8-128.
permissions[]	Permission New set of permissions for the user.

Permission

Field	Description
topic_name	string Name or prefix-pattern with wildcard for the topic that the permission grants access to. To get the topic name, make a TopicService.List request.
role	enum AccessRole Access role type to grant to the user. `ACCESS_ROLE_PRODUCER`: producer role for the user. `ACCESS_ROLE_CONSUMER`: consumer role for the user. `ACCESS_ROLE_ADMIN`: admin role for the user.

Operation

Field	Description
id	string ID of the operation.
description	string Description of the operation. 0-256 characters long.
created_at	google.protobuf.Timestamp Creation timestamp.
created_by	string ID of the user or service account who initiated the operation.
modified_at	google.protobuf.Timestamp The time when the Operation resource was last modified.
done	bool If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
metadata	google.protobuf.Any<UpdateUserMetadata> Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
result	oneof: `error` or `response` The operation result. If `done == false` and there was no failure detected, neither `error` nor `response` is set. If `done == false` and there was a failure detected, `error` is set. If `done == true`, exactly one of `error` or `response` is set.
error	google.rpc.Status The error result of the operation in case of failure or cancellation.
response	google.protobuf.Any<User> if operation finished successfully.

UpdateUserMetadata

Field	Description
cluster_id	string ID of the Apache Kafka® cluster the user belongs to.
user_name	string Name of the user that is being updated.

User

Field	Description
name	string Name of the Kafka user.
cluster_id	string ID of the Apache Kafka® cluster the user belongs to. To get the Apache Kafka® cluster ID, make a ClusterService.List request.
permissions[]	Permission Set of permissions granted to this user.

Permission

Field	Description
topic_name	string Name or prefix-pattern with wildcard for the topic that the permission grants access to. To get the topic name, make a TopicService.List request.
role	enum AccessRole Access role type to grant to the user. `ACCESS_ROLE_PRODUCER`: producer role for the user. `ACCESS_ROLE_CONSUMER`: consumer role for the user. `ACCESS_ROLE_ADMIN`: admin role for the user.

Delete

Deletes the specified Kafka user.

rpc Delete (DeleteUserRequest) returns (operation.Operation)

Metadata and response of Operation:

Operation.metadata:DeleteUserMetadata

Operation.response:google.protobuf.Empty

DeleteUserRequest

Field	Description
cluster_id	string Required. ID of the Apache Kafka® cluster the user belongs to. To get the cluster ID, make a ClusterService.List request. The maximum string length in characters is 50.
user_name	string Required. Name of the user to delete. To get the name of the user, make a UserService.List request. The string length in characters must be 1-63. Value must match the regular expression `[a-zA-Z0-9_]*`.

Operation

Field	Description
id	string ID of the operation.
description	string Description of the operation. 0-256 characters long.
created_at	google.protobuf.Timestamp Creation timestamp.
created_by	string ID of the user or service account who initiated the operation.
modified_at	google.protobuf.Timestamp The time when the Operation resource was last modified.
done	bool If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
metadata	google.protobuf.Any<DeleteUserMetadata> Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
result	oneof: `error` or `response` The operation result. If `done == false` and there was no failure detected, neither `error` nor `response` is set. If `done == false` and there was a failure detected, `error` is set. If `done == true`, exactly one of `error` or `response` is set.
error	google.rpc.Status The error result of the operation in case of failure or cancellation.
response	google.protobuf.Any<google.protobuf.Empty> if operation finished successfully.

DeleteUserMetadata

Field	Description
cluster_id	string ID of the Apache Kafka® cluster the user belongs to.
user_name	string Name of the user that is being deleted.

GrantPermission

Grants permission to the specified Kafka user.

rpc GrantPermission (GrantUserPermissionRequest) returns (operation.Operation)

Metadata and response of Operation:

Operation.metadata:GrantUserPermissionMetadata

Operation.response:User

GrantUserPermissionRequest

Field	Description
cluster_id	string Required. ID of the Apache Kafka® cluster the user belongs to. To get the cluster ID, make a ClusterService.List request. The maximum string length in characters is 50.
user_name	string Required. Name of the user to grant the permission to. To get the name of the user, make a UserService.List request. The string length in characters must be 1-63. Value must match the regular expression `[a-zA-Z0-9_]*`.
permission	Permission Required. Permission that should be granted to the specified user.

Permission

Field	Description
topic_name	string Name or prefix-pattern with wildcard for the topic that the permission grants access to. To get the topic name, make a TopicService.List request.
role	enum AccessRole Access role type to grant to the user. `ACCESS_ROLE_PRODUCER`: producer role for the user. `ACCESS_ROLE_CONSUMER`: consumer role for the user. `ACCESS_ROLE_ADMIN`: admin role for the user.

Operation

Field	Description
id	string ID of the operation.
description	string Description of the operation. 0-256 characters long.
created_at	google.protobuf.Timestamp Creation timestamp.
created_by	string ID of the user or service account who initiated the operation.
modified_at	google.protobuf.Timestamp The time when the Operation resource was last modified.
done	bool If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
metadata	google.protobuf.Any<GrantUserPermissionMetadata> Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
result	oneof: `error` or `response` The operation result. If `done == false` and there was no failure detected, neither `error` nor `response` is set. If `done == false` and there was a failure detected, `error` is set. If `done == true`, exactly one of `error` or `response` is set.
error	google.rpc.Status The error result of the operation in case of failure or cancellation.
response	google.protobuf.Any<User> if operation finished successfully.

GrantUserPermissionMetadata

Field	Description
cluster_id	string ID of the Apache Kafka® cluster the user belongs to. To get the cluster ID, make a ClusterService.List request.
user_name	string Name of the user that is being granted a permission.

User

Field	Description
name	string Name of the Kafka user.
cluster_id	string ID of the Apache Kafka® cluster the user belongs to. To get the Apache Kafka® cluster ID, make a ClusterService.List request.
permissions[]	Permission Set of permissions granted to this user.

Permission

Field	Description
topic_name	string Name or prefix-pattern with wildcard for the topic that the permission grants access to. To get the topic name, make a TopicService.List request.
role	enum AccessRole Access role type to grant to the user. `ACCESS_ROLE_PRODUCER`: producer role for the user. `ACCESS_ROLE_CONSUMER`: consumer role for the user. `ACCESS_ROLE_ADMIN`: admin role for the user.

RevokePermission

Revokes permission from the specified Kafka user.

rpc RevokePermission (RevokeUserPermissionRequest) returns (operation.Operation)

Metadata and response of Operation:

Operation.metadata:RevokeUserPermissionMetadata

Operation.response:User

RevokeUserPermissionRequest

Field	Description
cluster_id	string Required. ID of the Apache Kafka® cluster the user belongs to. To get the cluster ID, make a ClusterService.List request. The maximum string length in characters is 50.
user_name	string Required. Name of the user to revoke a permission from. To get the name of the user, make a UserService.List request. The string length in characters must be 1-63. Value must match the regular expression `[a-zA-Z0-9_]*`.
permission	Permission Required. Permission that should be revoked from the specified user.

Permission

Field	Description
topic_name	string Name or prefix-pattern with wildcard for the topic that the permission grants access to. To get the topic name, make a TopicService.List request.
role	enum AccessRole Access role type to grant to the user. `ACCESS_ROLE_PRODUCER`: producer role for the user. `ACCESS_ROLE_CONSUMER`: consumer role for the user. `ACCESS_ROLE_ADMIN`: admin role for the user.

Operation

Field	Description
id	string ID of the operation.
description	string Description of the operation. 0-256 characters long.
created_at	google.protobuf.Timestamp Creation timestamp.
created_by	string ID of the user or service account who initiated the operation.
modified_at	google.protobuf.Timestamp The time when the Operation resource was last modified.
done	bool If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
metadata	google.protobuf.Any<RevokeUserPermissionMetadata> Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
result	oneof: `error` or `response` The operation result. If `done == false` and there was no failure detected, neither `error` nor `response` is set. If `done == false` and there was a failure detected, `error` is set. If `done == true`, exactly one of `error` or `response` is set.
error	google.rpc.Status The error result of the operation in case of failure or cancellation.
response	google.protobuf.Any<User> if operation finished successfully.

RevokeUserPermissionMetadata

Field	Description
cluster_id	string ID of the Apache Kafka® cluster the user belongs to.
user_name	string Name of the user whose permission is being revoked.

User

Field	Description
name	string Name of the Kafka user.
cluster_id	string ID of the Apache Kafka® cluster the user belongs to. To get the Apache Kafka® cluster ID, make a ClusterService.List request.
permissions[]	Permission Set of permissions granted to this user.

Permission

Field	Description
topic_name	string Name or prefix-pattern with wildcard for the topic that the permission grants access to. To get the topic name, make a TopicService.List request.
role	enum AccessRole Access role type to grant to the user. `ACCESS_ROLE_PRODUCER`: producer role for the user. `ACCESS_ROLE_CONSUMER`: consumer role for the user. `ACCESS_ROLE_ADMIN`: admin role for the user.

UserService

Calls UserService

Get

GetUserRequest

User

Permission

List

ListUsersRequest

ListUsersResponse

User

Permission

Create

CreateUserRequest

UserSpec

Permission

Operation

CreateUserMetadata

User

Permission

Update

UpdateUserRequest

Permission

Operation

UpdateUserMetadata

User

Permission

Delete

DeleteUserRequest

Operation

DeleteUserMetadata

GrantPermission

GrantUserPermissionRequest

Permission

Operation

GrantUserPermissionMetadata

User

Permission

RevokePermission

RevokeUserPermissionRequest

Permission

Operation

RevokeUserPermissionMetadata

User

Permission

Was the article helpful?