Sub-section 3 of7
In Progress

Creation of Policy (Kafka Topic & User) Domain Operation Items

Evan Linwood November 24, 2021

The Kafka messaging bus is built around the use of ‘topics’ as channels over which messages are handled. Kafka uses a ‘publish and subscribe’ based form of messaging transport, under which messaging clients must subscribe to specific Kafka topics in order to receive messages.

The first step towards configuring an overall platform integration setup within ArenaCore is to define a Policy Holder item within the Directory Manager that contains a hierarchy of Policy Item and Policy Item values that serve as ‘Domain Operation’ items.

Note that Policy Items and Values are a generalised way of defining useful attributes that can be used in various places within the ArenaCore platform (for a range of purposes). Policy Holders are simply the containers that are used to hold Policy Items and Values.

In this case we are creating ‘Domain Operation’ type Policy Items & Values, as these are required to subsequently build Domain Roles, which can then be used in the context of Management Domain items (which are described in the pages following this one).

Firstly, open the Directory Manager from the main workspace of the ArenaCore Administration Application.

As for all object item types created within the Directory Manager, it is necessary first to select the desired Organisation Unit under which the item being created should be situated. (Note that this is simply a place for the Policy Holder item to ‘live’ within the directory structure – it may actually wind up affecting items in other unrelated areas of your directory hierarchy).

Organisation Unit selection:

Once the desired Organisation Unit has been selected, it is a good idea to select the ‘Policies’ tab such that any newly created Policy Holder items will become visible there following creation:

Next, initiate the creation of a new Policy Holder item by clicking on the primary green ‘Create’ button, and selecting ‘Create Policy Holder’ from the drop down menu:

Following this, a new Policy Holder item will be presented. Enter a name for this Policy Holder, and then create a new Policy Item using the ‘TASKS’ menu situated above the ‘Policy Items’ list:

This action will result in the ‘Add New Policy Definition’ dialog appearing. Note that it is critical to select the ‘RBAC Domain Operation Type’ option from the available list of choices within the ‘Policy Type’ dropdown control:

Complete the remaining fields within this dialog. Note that the ‘Topic Segment’ field is used to specify the first of two user-definable segments within the Kafka topic name that will ultimately be created. (The format for Kafka topic names under ArenaCore is described within ArenaCore Kafka Topic Naming). Note that the naming used in this example (which is based around a specific manufacturer) is being done in anticipation of a Resource Filter rule that will applied later during Domain Role definition. Note also that a value for ‘Policy Desc’ must be entered:

Following this it is possible now to create a Policy Item Value. This is done by first selecting the just newly created Policy Item, and selecting ‘Add Policy Item’ from the TASKS menu above the Policy Item Values list:

This will cause the ‘Add New Policy value’ dialog to be presented. Note that the Item Type will be preselected to ‘RBAC_Domain_operation’:

The ‘Topic Segment’ field here is used to specify the second of two user-definable segments within the Kafka topic name that will ultimately be created. (The format for Kafka topic names under ArenaCore is described within ArenaCore Kafka Topic Naming). In this case, the naming anticipates that the topic will be used for items located within a specific DC/Room/Rack location. The Operation Name must be supplied (this is used only for presentation in user interface elements elsewhere in the Directory Manager). The value entered into the Username field specifies the Kafka user name that will be created in association with the new topic being created. Once the Save button is clicked, the resulting Policy Holder item including the new Policy Value and child Policy Item will appear as follows:

If either of the Save or Save & Close buttons are clicked now, this will cause creation (firstly) of the new Policy Holder definition. Additionally, it will cause creation of a new Kafka topic, Kafka username and the assignment of the appropriate ACL rights within the Kafka environment. Additionally, an email containing the password associated with the new Kafka user will be generated and sent automatically to you.

Sub-section Content
0% Complete 0/2 Steps