Lenses Resource Names (LRNs)
LRNs uniquely identify all resources that Lenses understands. Examples are a Lenses User, a Kafka topic or a Kafka-Connect connector.
Use an LRN to specify a resource across all of Lenses, unambiguously:
To add topic permissions for a team in IAM permissions.
To share a consumer-group reference with a colleague.
LRN format
The top-level format has 3 parts called segments. A semi-colon : separates them:
service
service is the namespace of the Lenses service that manages a set of resource types.
e.g. kafka for things like topics and consumer groups.
resource-type
resource-type is the type of resources that are served by a service.
e.g. topic for a Kafka topic, consumer-group for a Kafka consumer group. They both belong to the kafka service.
resource-id
resource-id is the unique name or path that identifies a resource. The resource ID is specific to a service and resource type. The resource ID can be:
a single resource name, e.g. :
lucy.clearview@lenses.iofor a user resource name.The full LRN would be
iam:user:lucy.clearview@lenses.io.
a nested resource path that contains slashes
/e.g. :dev-environment/kafka/my-topicfor a kafka topic.The full LRN would be
kafka:topic:dev-environment/kafka/my-topic.
Examples
IAM user
Kafka topic
Kafka consumer group
Schema Registry schema
Kafka Connect connector
Allowed characters
LRNs separate top-level segments with a colon : and resource path segments with a slash /.
A segment may have:
Alphanumeric characters:
a-z, A-Z, 0-9Hyphen symbols only:
-
Using wildcards
Use the wildcard asterisk * to express catch-all LRNs.
Good examples
Use these examples to express multiple resources easily.
*
*
Global wildcard.
Capture all the resources that Lenses manages.
"Everything"
service:*
kafka:*
Service-specific wildcard.
Capture all the resources for a service.
"All Kafka resources in all environments, i.e. topics, consumer groups, acls and quotas"
service:resource-type:*
kafka:topic:*
Resource-type-specific wildcard.
Capture all the resources for a type of resources of a service.
"All Kafka topics in all environments"
service:resource-type:parent/*/grandchild
kafka-connect:connector:dev-environment/*/my-s3-sink
Path segment wildcard.
Capture a part of the resource path.
"All connectors named 'my-s3-sink' in all Connect clusters under the environment 'dev-environment' "
service:resource-type:resourcePa*
kafka:topic:dev-environment/kafka/red-*
Trailing wildcard.
This wildcard is at the end of an LRN. It acts as a 'globstar' (**) and matches against the rest of the string.
Capture the resources that start with the given path prefix.
"All Kafka topics in the environment 'dev-environment' whose name starts with 'red-' "
service:resource-type:paren*/chil*/grandchil*
kafka-connect:connector:dev*/sinks*/s3*
Path suffix wildcard.
Capture resources where different path segments start with certain prefixes.
"All connectors in all environments that start with 'dev', within any Connect cluster that starts with 'sinks' and where the connector name starts with 's3' "
Bad examples
Avoid these examples because they are ambiguous. Lenses does not allow them.
servic*:resource-type:resource-id
kafk*:*:dev-environment/
or
*:topic:dev-environment/
No wildcards allowed at the service level. A service must be its full string.
Global wildcard *
service:resource-typ*:resource-id
kafka:topi*:dev-environment/*
No wilcards allowed at the resource-type level. A resource type must be its full string.
Service-specific wildcard service:*
No resource-id segments allowed in this case.
Last updated
