[Verse 1] Sarah needs producer access to payment topics now Map her KafkaUser to departmental vows Finance team requires consume permissions wide While developers need admin rights to guide Documentation trails must capture every grant Organizational charts become our compliance chant [Chorus] M-A-P the roles, document the flow Access Control Lists help auditors know R-B-A-C patterns, evidence so clear SOC2 and ISO want to see it here Change workflows locked, approvals in sight Kafka permissions done exactly right [Verse 2] Marketing reads analytics, sales writes leads Engineering clusters need administrative deeds Each KafkaUser spec reflects the human role JSON manifests tell the access story whole Quarterly reviews check entitlements align Delete unused accounts before compliance time [Chorus] M-A-P the roles, document the flow Access Control Lists help auditors know R-B-A-C patterns, evidence so clear SOC2 and ISO want to see it here Change workflows locked, approvals in sight Kafka permissions done exactly right [Bridge] Topic creation needs approval gates User modifications can't tempt fate Pull request reviews before deploy GitOps pipelines that we employ Separation duties, dual controls Evidence gathering for audit goals [Verse 3] Principal mappings trace to employee ID Resource patterns group by sensitivity Allow and deny rules precisely drawn Revocation happens when staff moves on Matrix spreadsheets cross-reference clean Best documented system auditors have seen [Chorus] M-A-P the roles, document the flow Access Control Lists help auditors know R-B-A-C patterns, evidence so clear SOC2 and ISO want to see it here Change workflows locked, approvals in sight Kafka permissions done exactly right [Outro] Documentation fortress stands secure Compliance frameworks we endure Strimzi access patterns crystal pure Organizational mapping we ensure
← 3 Encryption & Key Management | Appendix A: Quick Reference — Strimzi CRD Cheat Sheet →