Description
Confluent Cloud client application throws authorization exception (i.e, TopicAuthorizationFailedError, TOPIC_AUTHORIZATION_FAILED) when consuming or producing to a topic.
Applies To
Librdkafka clients
Java clients
Resolution
Verify Permissions are configured correctly using Confluent CLI:
- Ensure that the ACL is set for the Service Account.
Note: Make sure to use --cluster flag to list only ACLs for the cluster where the topic is located. Otherwise ACLs will be listed from unrelated clusters.
- confluent kafka acl list --service-account sa-12345 --cluster lkc-12345
- confluent kafka acl list --service-account sa-12345 --cluster lkc-12345
- Ensure that API key is associated with the correct Service Account
- confluent api-key list --resource lkc-12345 --service-account sa-12345