Constant Field Values

Contents

org.apache.*

  • org.apache.kafka.common.config.AbstractConfig 
    Modifier and Type Constant Field Value
    public static final String CONFIG_PROVIDERS_CONFIG "config.providers"
  • org.apache.kafka.common.config.LogLevelConfig 
    Modifier and Type Constant Field Value
    public static final String DEBUG_LOG_LEVEL "DEBUG"
    public static final String ERROR_LOG_LEVEL "ERROR"
    public static final String FATAL_LOG_LEVEL "FATAL"
    public static final String INFO_LOG_LEVEL "INFO"
    public static final String TRACE_LOG_LEVEL "TRACE"
    public static final String WARN_LOG_LEVEL "WARN"
  • org.apache.kafka.common.config.SaslConfigs 
    Modifier and Type Constant Field Value
    public static final String DEFAULT_KERBEROS_KINIT_CMD "/usr/bin/kinit"
    public static final long DEFAULT_KERBEROS_MIN_TIME_BEFORE_RELOGIN 60000L
    public static final double DEFAULT_KERBEROS_TICKET_RENEW_JITTER 0.05
    public static final double DEFAULT_KERBEROS_TICKET_RENEW_WINDOW_FACTOR 0.8
    public static final short DEFAULT_LOGIN_REFRESH_BUFFER_SECONDS 300
    public static final short DEFAULT_LOGIN_REFRESH_MIN_PERIOD_SECONDS 60
    public static final double DEFAULT_LOGIN_REFRESH_WINDOW_FACTOR 0.8
    public static final double DEFAULT_LOGIN_REFRESH_WINDOW_JITTER 0.05
    public static final long DEFAULT_SASL_LOGIN_RETRY_BACKOFF_MAX_MS 10000L
    public static final long DEFAULT_SASL_LOGIN_RETRY_BACKOFF_MS 100L
    public static final String DEFAULT_SASL_MECHANISM "GSSAPI"
    public static final int DEFAULT_SASL_OAUTHBEARER_CLOCK_SKEW_SECONDS 30
    public static final long DEFAULT_SASL_OAUTHBEARER_JWKS_ENDPOINT_REFRESH_MS 3600000L
    public static final long DEFAULT_SASL_OAUTHBEARER_JWKS_ENDPOINT_RETRY_BACKOFF_MAX_MS 10000L
    public static final long DEFAULT_SASL_OAUTHBEARER_JWKS_ENDPOINT_RETRY_BACKOFF_MS 100L
    public static final String DEFAULT_SASL_OAUTHBEARER_SCOPE_CLAIM_NAME "scope"
    public static final String DEFAULT_SASL_OAUTHBEARER_SUB_CLAIM_NAME "sub"
    public static final String GSSAPI_MECHANISM "GSSAPI"
    public static final String SASL_CLIENT_CALLBACK_HANDLER_CLASS "sasl.client.callback.handler.class"
    public static final String SASL_CLIENT_CALLBACK_HANDLER_CLASS_DOC "The fully qualified name of a SASL client callback handler class that implements the AuthenticateCallbackHandler interface."
    public static final String SASL_JAAS_CONFIG "sasl.jaas.config"
    public static final String SASL_JAAS_CONFIG_DOC "JAAS login context parameters for SASL connections in the format used by JAAS configuration files. JAAS configuration file format is described <a href=\"https://docs.oracle.com/javase/8/docs/technotes/guides/security/jgss/tutorials/LoginConfigFile.html\">here</a>. The format for the value is: <code>loginModuleClass controlFlag (optionName=optionValue)*;</code>. For brokers, the config must be prefixed with listener prefix and SASL mechanism name in lower-case. For example, listener.name.sasl_ssl.scram-sha-256.sasl.jaas.config=com.example.ScramLoginModule required;"
    public static final String SASL_KERBEROS_KINIT_CMD "sasl.kerberos.kinit.cmd"
    public static final String SASL_KERBEROS_KINIT_CMD_DOC "Kerberos kinit command path."
    public static final String SASL_KERBEROS_MIN_TIME_BEFORE_RELOGIN "sasl.kerberos.min.time.before.relogin"
    public static final String SASL_KERBEROS_MIN_TIME_BEFORE_RELOGIN_DOC "Login thread sleep time between refresh attempts."
    public static final String SASL_KERBEROS_SERVICE_NAME "sasl.kerberos.service.name"
    public static final String SASL_KERBEROS_SERVICE_NAME_DOC "The Kerberos principal name that Kafka runs as. This can be defined either in Kafka\'s JAAS config or in Kafka\'s config."
    public static final String SASL_KERBEROS_TICKET_RENEW_JITTER "sasl.kerberos.ticket.renew.jitter"
    public static final String SASL_KERBEROS_TICKET_RENEW_JITTER_DOC "Percentage of random jitter added to the renewal time."
    public static final String SASL_KERBEROS_TICKET_RENEW_WINDOW_FACTOR "sasl.kerberos.ticket.renew.window.factor"
    public static final String SASL_KERBEROS_TICKET_RENEW_WINDOW_FACTOR_DOC "Login thread will sleep until the specified window factor of time from last refresh to ticket\'s expiry has been reached, at which time it will try to renew the ticket."
    public static final String SASL_LOGIN_CALLBACK_HANDLER_CLASS "sasl.login.callback.handler.class"
    public static final String SASL_LOGIN_CALLBACK_HANDLER_CLASS_DOC "The fully qualified name of a SASL login callback handler class that implements the AuthenticateCallbackHandler interface. For brokers, login callback handler config must be prefixed with listener prefix and SASL mechanism name in lower-case. For example, listener.name.sasl_ssl.scram-sha-256.sasl.login.callback.handler.class=com.example.CustomScramLoginCallbackHandler"
    public static final String SASL_LOGIN_CLASS "sasl.login.class"
    public static final String SASL_LOGIN_CLASS_DOC "The fully qualified name of a class that implements the Login interface. For brokers, login config must be prefixed with listener prefix and SASL mechanism name in lower-case. For example, listener.name.sasl_ssl.scram-sha-256.sasl.login.class=com.example.CustomScramLogin"
    public static final String SASL_LOGIN_CONNECT_TIMEOUT_MS "sasl.login.connect.timeout.ms"
    public static final String SASL_LOGIN_CONNECT_TIMEOUT_MS_DOC "The (optional) value in milliseconds for the external authentication provider connection timeout. Currently applies only to OAUTHBEARER."
    public static final String SASL_LOGIN_READ_TIMEOUT_MS "sasl.login.read.timeout.ms"
    public static final String SASL_LOGIN_READ_TIMEOUT_MS_DOC "The (optional) value in milliseconds for the external authentication provider read timeout. Currently applies only to OAUTHBEARER."
    public static final String SASL_LOGIN_REFRESH_BUFFER_SECONDS "sasl.login.refresh.buffer.seconds"
    public static final String SASL_LOGIN_REFRESH_BUFFER_SECONDS_DOC "The amount of buffer time before credential expiration to maintain when refreshing a credential, in seconds. If a refresh would otherwise occur closer to expiration than the number of buffer seconds then the refresh will be moved up to maintain as much of the buffer time as possible. Legal values are between 0 and 3600 (1 hour); a default value of 300 (5 minutes) is used if no value is specified. This value and sasl.login.refresh.min.period.seconds are both ignored if their sum exceeds the remaining lifetime of a credential. Currently applies only to OAUTHBEARER."
    public static final String SASL_LOGIN_REFRESH_MIN_PERIOD_SECONDS "sasl.login.refresh.min.period.seconds"
    public static final String SASL_LOGIN_REFRESH_MIN_PERIOD_SECONDS_DOC "The desired minimum time for the login refresh thread to wait before refreshing a credential, in seconds. Legal values are between 0 and 900 (15 minutes); a default value of 60 (1 minute) is used if no value is specified. This value and sasl.login.refresh.buffer.seconds are both ignored if their sum exceeds the remaining lifetime of a credential. Currently applies only to OAUTHBEARER."
    public static final String SASL_LOGIN_REFRESH_WINDOW_FACTOR "sasl.login.refresh.window.factor"
    public static final String SASL_LOGIN_REFRESH_WINDOW_FACTOR_DOC "Login refresh thread will sleep until the specified window factor relative to the credential\'s lifetime has been reached, at which time it will try to refresh the credential. Legal values are between 0.5 (50%) and 1.0 (100%) inclusive; a default value of 0.8 (80%) is used if no value is specified. Currently applies only to OAUTHBEARER."
    public static final String SASL_LOGIN_REFRESH_WINDOW_JITTER "sasl.login.refresh.window.jitter"
    public static final String SASL_LOGIN_REFRESH_WINDOW_JITTER_DOC "The maximum amount of random jitter relative to the credential\'s lifetime that is added to the login refresh thread\'s sleep time. Legal values are between 0 and 0.25 (25%) inclusive; a default value of 0.05 (5%) is used if no value is specified. Currently applies only to OAUTHBEARER."
    public static final String SASL_LOGIN_RETRY_BACKOFF_MAX_MS "sasl.login.retry.backoff.max.ms"
    public static final String SASL_LOGIN_RETRY_BACKOFF_MAX_MS_DOC "The (optional) value in milliseconds for the maximum wait between login attempts to the external authentication provider. Login uses an exponential backoff algorithm with an initial wait based on the sasl.login.retry.backoff.ms setting and will double in wait length between attempts up to a maximum wait length specified by the sasl.login.retry.backoff.max.ms setting. Currently applies only to OAUTHBEARER."
    public static final String SASL_LOGIN_RETRY_BACKOFF_MS "sasl.login.retry.backoff.ms"
    public static final String SASL_LOGIN_RETRY_BACKOFF_MS_DOC "The (optional) value in milliseconds for the initial wait between login attempts to the external authentication provider. Login uses an exponential backoff algorithm with an initial wait based on the sasl.login.retry.backoff.ms setting and will double in wait length between attempts up to a maximum wait length specified by the sasl.login.retry.backoff.max.ms setting. Currently applies only to OAUTHBEARER."
    public static final String SASL_MECHANISM "sasl.mechanism"
    public static final String SASL_MECHANISM_DOC "SASL mechanism used for client connections. This may be any mechanism for which a security provider is available. GSSAPI is the default mechanism."
    public static final String SASL_OAUTHBEARER_CLOCK_SKEW_SECONDS "sasl.oauthbearer.clock.skew.seconds"
    public static final String SASL_OAUTHBEARER_CLOCK_SKEW_SECONDS_DOC "The (optional) value in seconds to allow for differences between the time of the OAuth/OIDC identity provider and the broker."
    public static final String SASL_OAUTHBEARER_EXPECTED_AUDIENCE "sasl.oauthbearer.expected.audience"
    public static final String SASL_OAUTHBEARER_EXPECTED_AUDIENCE_DOC "The (optional) comma-delimited setting for the broker to use to verify that the JWT was issued for one of the expected audiences. The JWT will be inspected for the standard OAuth \"aud\" claim and if this value is set, the broker will match the value from JWT\'s \"aud\" claim to see if there is an exact match. If there is no match, the broker will reject the JWT and authentication will fail."
    public static final String SASL_OAUTHBEARER_EXPECTED_ISSUER "sasl.oauthbearer.expected.issuer"
    public static final String SASL_OAUTHBEARER_EXPECTED_ISSUER_DOC "The (optional) setting for the broker to use to verify that the JWT was created by the expected issuer. The JWT will be inspected for the standard OAuth \"iss\" claim and if this value is set, the broker will match it exactly against what is in the JWT\'s \"iss\" claim. If there is no match, the broker will reject the JWT and authentication will fail."
    public static final String SASL_OAUTHBEARER_JWKS_ENDPOINT_REFRESH_MS "sasl.oauthbearer.jwks.endpoint.refresh.ms"
    public static final String SASL_OAUTHBEARER_JWKS_ENDPOINT_REFRESH_MS_DOC "The (optional) value in milliseconds for the broker to wait between refreshing its JWKS (JSON Web Key Set) cache that contains the keys to verify the signature of the JWT."
    public static final String SASL_OAUTHBEARER_JWKS_ENDPOINT_RETRY_BACKOFF_MAX_MS "sasl.oauthbearer.jwks.endpoint.retry.backoff.max.ms"
    public static final String SASL_OAUTHBEARER_JWKS_ENDPOINT_RETRY_BACKOFF_MAX_MS_DOC "The (optional) value in milliseconds for the maximum wait between attempts to retrieve the JWKS (JSON Web Key Set) from the external authentication provider. JWKS retrieval uses an exponential backoff algorithm with an initial wait based on the sasl.oauthbearer.jwks.endpoint.retry.backoff.ms setting and will double in wait length between attempts up to a maximum wait length specified by the sasl.oauthbearer.jwks.endpoint.retry.backoff.max.ms setting."
    public static final String SASL_OAUTHBEARER_JWKS_ENDPOINT_RETRY_BACKOFF_MS "sasl.oauthbearer.jwks.endpoint.retry.backoff.ms"
    public static final String SASL_OAUTHBEARER_JWKS_ENDPOINT_RETRY_BACKOFF_MS_DOC "The (optional) value in milliseconds for the initial wait between JWKS (JSON Web Key Set) retrieval attempts from the external authentication provider. JWKS retrieval uses an exponential backoff algorithm with an initial wait based on the sasl.oauthbearer.jwks.endpoint.retry.backoff.ms setting and will double in wait length between attempts up to a maximum wait length specified by the sasl.oauthbearer.jwks.endpoint.retry.backoff.max.ms setting."
    public static final String SASL_OAUTHBEARER_JWKS_ENDPOINT_URL "sasl.oauthbearer.jwks.endpoint.url"
    public static final String SASL_OAUTHBEARER_JWKS_ENDPOINT_URL_DOC "The OAuth/OIDC provider URL from which the provider\'s <a href=\"https://datatracker.ietf.org/doc/html/rfc7517#section-5\">JWKS (JSON Web Key Set)</a> can be retrieved. The URL can be HTTP(S)-based or file-based. If the URL is HTTP(S)-based, the JWKS data will be retrieved from the OAuth/OIDC provider via the configured URL on broker startup. All then-current keys will be cached on the broker for incoming requests. If an authentication request is received for a JWT that includes a \"kid\" header claim value that isn\'t yet in the cache, the JWKS endpoint will be queried again on demand. However, the broker polls the URL every sasl.oauthbearer.jwks.endpoint.refresh.ms milliseconds to refresh the cache with any forthcoming keys before any JWT requests that include them are received. If the URL is file-based, the broker will load the JWKS file from a configured location on startup. In the event that the JWT includes a \"kid\" header value that isn\'t in the JWKS file, the broker will reject the JWT and authentication will fail."
    public static final String SASL_OAUTHBEARER_SCOPE_CLAIM_NAME "sasl.oauthbearer.scope.claim.name"
    public static final String SASL_OAUTHBEARER_SCOPE_CLAIM_NAME_DOC "The OAuth claim for the scope is often named \"scope\", but this (optional) setting can provide a different name to use for the scope included in the JWT payload\'s claims if the OAuth/OIDC provider uses a different name for that claim."
    public static final String SASL_OAUTHBEARER_SUB_CLAIM_NAME "sasl.oauthbearer.sub.claim.name"
    public static final String SASL_OAUTHBEARER_SUB_CLAIM_NAME_DOC "The OAuth claim for the subject is often named \"sub\", but this (optional) setting can provide a different name to use for the subject included in the JWT payload\'s claims if the OAuth/OIDC provider uses a different name for that claim."
    public static final String SASL_OAUTHBEARER_TOKEN_ENDPOINT_URL "sasl.oauthbearer.token.endpoint.url"
    public static final String SASL_OAUTHBEARER_TOKEN_ENDPOINT_URL_DOC "The URL for the OAuth/OIDC identity provider. If the URL is HTTP(S)-based, it is the issuer\'s token endpoint URL to which requests will be made to login based on the configuration in sasl.jaas.config. If the URL is file-based, it specifies a file containing an access token (in JWT serialized form) issued by the OAuth/OIDC identity provider to use for authorization."
  • org.apache.kafka.common.config.SecurityConfig 
    Modifier and Type Constant Field Value
    public static final String SECURITY_PROVIDERS_CONFIG "security.providers"
    public static final String SECURITY_PROVIDERS_DOC "A list of configurable creator classes each returning a provider implementing security algorithms. These classes should implement the <code>org.apache.kafka.common.security.auth.SecurityProviderCreator</code> interface."
  • org.apache.kafka.common.config.SslConfigs 
    Modifier and Type Constant Field Value
    public static final String DEFAULT_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM "https"
    public static final String DEFAULT_SSL_KEYSTORE_TYPE "JKS"
    public static final String DEFAULT_SSL_TRUSTSTORE_TYPE "JKS"
    public static final String SSL_CIPHER_SUITES_CONFIG "ssl.cipher.suites"
    public static final String SSL_CIPHER_SUITES_DOC "A list of cipher suites. This is a named combination of authentication, encryption, MAC and key exchange algorithm used to negotiate the security settings for a network connection using TLS or SSL network protocol. By default all the available cipher suites are supported."
    public static final String SSL_ENABLED_PROTOCOLS_CONFIG "ssl.enabled.protocols"
    public static final String SSL_ENABLED_PROTOCOLS_DOC "The list of protocols enabled for SSL connections. The default is \'TLSv1.2,TLSv1.3\' when running with Java 11 or newer, \'TLSv1.2\' otherwise. With the default value for Java 11, clients and servers will prefer TLSv1.3 if both support it and fallback to TLSv1.2 otherwise (assuming both support at least TLSv1.2). This default should be fine for most cases. Also see the config documentation for `ssl.protocol`."
    public static final String SSL_ENDPOINT_IDENTIFICATION_ALGORITHM_CONFIG "ssl.endpoint.identification.algorithm"
    public static final String SSL_ENDPOINT_IDENTIFICATION_ALGORITHM_DOC "The endpoint identification algorithm to validate server hostname using server certificate. "
    public static final String SSL_ENGINE_FACTORY_CLASS_CONFIG "ssl.engine.factory.class"
    public static final String SSL_ENGINE_FACTORY_CLASS_DOC "The class of type org.apache.kafka.common.security.auth.SslEngineFactory to provide SSLEngine objects. Default value is org.apache.kafka.common.security.ssl.DefaultSslEngineFactory"
    public static final String SSL_KEY_PASSWORD_CONFIG "ssl.key.password"
    public static final String SSL_KEY_PASSWORD_DOC "The password of the private key in the key store file or the PEM key specified in \'ssl.keystore.key\'."
    public static final String SSL_KEYMANAGER_ALGORITHM_CONFIG "ssl.keymanager.algorithm"
    public static final String SSL_KEYMANAGER_ALGORITHM_DOC "The algorithm used by key manager factory for SSL connections. Default value is the key manager factory algorithm configured for the Java Virtual Machine."
    public static final String SSL_KEYSTORE_CERTIFICATE_CHAIN_CONFIG "ssl.keystore.certificate.chain"
    public static final String SSL_KEYSTORE_CERTIFICATE_CHAIN_DOC "Certificate chain in the format specified by \'ssl.keystore.type\'. Default SSL engine factory supports only PEM format with a list of X.509 certificates"
    public static final String SSL_KEYSTORE_KEY_CONFIG "ssl.keystore.key"
    public static final String SSL_KEYSTORE_KEY_DOC "Private key in the format specified by \'ssl.keystore.type\'. Default SSL engine factory supports only PEM format with PKCS#8 keys. If the key is encrypted, key password must be specified using \'ssl.key.password\'"
    public static final String SSL_KEYSTORE_LOCATION_CONFIG "ssl.keystore.location"
    public static final String SSL_KEYSTORE_LOCATION_DOC "The location of the key store file. This is optional for client and can be used for two-way authentication for client."
    public static final String SSL_KEYSTORE_PASSWORD_CONFIG "ssl.keystore.password"
    public static final String SSL_KEYSTORE_PASSWORD_DOC "The store password for the key store file. This is optional for client and only needed if \'ssl.keystore.location\' is configured. Key store password is not supported for PEM format."
    public static final String SSL_KEYSTORE_TYPE_CONFIG "ssl.keystore.type"
    public static final String SSL_KEYSTORE_TYPE_DOC "The file format of the key store file. This is optional for client. The values currently supported by the default `ssl.engine.factory.class` are [JKS, PKCS12, PEM]."
    public static final String SSL_PROTOCOL_CONFIG "ssl.protocol"
    public static final String SSL_PROTOCOL_DOC "The SSL protocol used to generate the SSLContext. The default is \'TLSv1.3\' when running with Java 11 or newer, \'TLSv1.2\' otherwise. This value should be fine for most use cases. Allowed values in recent JVMs are \'TLSv1.2\' and \'TLSv1.3\'. \'TLS\', \'TLSv1.1\', \'SSL\', \'SSLv2\' and \'SSLv3\' may be supported in older JVMs, but their usage is discouraged due to known security vulnerabilities. With the default value for this config and \'ssl.enabled.protocols\', clients will downgrade to \'TLSv1.2\' if the server does not support \'TLSv1.3\'. If this config is set to \'TLSv1.2\', clients will not use \'TLSv1.3\' even if it is one of the values in ssl.enabled.protocols and the server only supports \'TLSv1.3\'."
    public static final String SSL_PROVIDER_CONFIG "ssl.provider"
    public static final String SSL_PROVIDER_DOC "The name of the security provider used for SSL connections. Default value is the default security provider of the JVM."
    public static final String SSL_SECURE_RANDOM_IMPLEMENTATION_CONFIG "ssl.secure.random.implementation"
    public static final String SSL_SECURE_RANDOM_IMPLEMENTATION_DOC "The SecureRandom PRNG implementation to use for SSL cryptography operations. "
    public static final String SSL_TRUSTMANAGER_ALGORITHM_CONFIG "ssl.trustmanager.algorithm"
    public static final String SSL_TRUSTMANAGER_ALGORITHM_DOC "The algorithm used by trust manager factory for SSL connections. Default value is the trust manager factory algorithm configured for the Java Virtual Machine."
    public static final String SSL_TRUSTSTORE_CERTIFICATES_CONFIG "ssl.truststore.certificates"
    public static final String SSL_TRUSTSTORE_CERTIFICATES_DOC "Trusted certificates in the format specified by \'ssl.truststore.type\'. Default SSL engine factory supports only PEM format with X.509 certificates."
    public static final String SSL_TRUSTSTORE_LOCATION_CONFIG "ssl.truststore.location"
    public static final String SSL_TRUSTSTORE_LOCATION_DOC "The location of the trust store file."
    public static final String SSL_TRUSTSTORE_PASSWORD_CONFIG "ssl.truststore.password"
    public static final String SSL_TRUSTSTORE_PASSWORD_DOC "The password for the trust store file. If a password is not set, trust store file configured will still be used, but integrity checking is disabled. Trust store password is not supported for PEM format."
    public static final String SSL_TRUSTSTORE_TYPE_CONFIG "ssl.truststore.type"
    public static final String SSL_TRUSTSTORE_TYPE_DOC "The file format of the trust store file. The values currently supported by the default `ssl.engine.factory.class` are [JKS, PKCS12, PEM]."
  • org.apache.kafka.common.config.TopicConfig 
    Modifier and Type Constant Field Value
    public static final String CLEANUP_POLICY_COMPACT "compact"
    public static final String CLEANUP_POLICY_CONFIG "cleanup.policy"
    public static final String CLEANUP_POLICY_DELETE "delete"
    public static final String CLEANUP_POLICY_DOC "This config designates the retention policy to use on log segments. The \"delete\" policy (which is the default) will discard old segments when their retention time or size limit has been reached. The \"compact\" policy will enable <a href=\"#compaction\">log compaction</a>, which retains the latest value for each key. It is also possible to specify both policies in a comma-separated list (e.g. \"delete,compact\"). In this case, old segments will be discarded per the retention time and size configuration, while retained segments will be compacted."
    public static final String COMPRESSION_TYPE_CONFIG "compression.type"
    public static final String COMPRESSION_TYPE_DOC "Specify the final compression type for a given topic. This configuration accepts the standard compression codecs (\'gzip\', \'snappy\', \'lz4\', \'zstd\'). It additionally accepts \'uncompressed\' which is equivalent to no compression; and \'producer\' which means retain the original compression codec set by the producer."
    public static final String DELETE_RETENTION_MS_CONFIG "delete.retention.ms"
    public static final String DELETE_RETENTION_MS_DOC "The amount of time to retain delete tombstone markers for <a href=\"#compaction\">log compacted</a> topics. This setting also gives a bound on the time in which a consumer must complete a read if they begin from offset 0 to ensure that they get a valid snapshot of the final stage (otherwise delete tombstones may be collected before they complete their scan)."
    public static final String FILE_DELETE_DELAY_MS_CONFIG "file.delete.delay.ms"
    public static final String FILE_DELETE_DELAY_MS_DOC "The time to wait before deleting a file from the filesystem"
    public static final String FLUSH_MESSAGES_INTERVAL_CONFIG "flush.messages"
    public static final String FLUSH_MESSAGES_INTERVAL_DOC "This setting allows specifying an interval at which we will force an fsync of data written to the log. For example if this was set to 1 we would fsync after every message; if it were 5 we would fsync after every five messages. In general we recommend you not set this and use replication for durability and allow the operating system\'s background flush capabilities as it is more efficient. This setting can be overridden on a per-topic basis (see <a href=\"#topicconfigs\">the per-topic configuration section</a>)."
    public static final String FLUSH_MS_CONFIG "flush.ms"
    public static final String FLUSH_MS_DOC "This setting allows specifying a time interval at which we will force an fsync of data written to the log. For example if this was set to 1000 we would fsync after 1000 ms had passed. In general we recommend you not set this and use replication for durability and allow the operating system\'s background flush capabilities as it is more efficient."
    public static final String INDEX_INTERVAL_BYTES_CONFIG "index.interval.bytes"
    public static final String INDEX_INTERVAL_BYTES_DOC "This setting controls how frequently Kafka adds an index entry to its offset index. The default setting ensures that we index a message roughly every 4096 bytes. More indexing allows reads to jump closer to the exact position in the log but makes the index larger. You probably don\'t need to change this."
    public static final String LOCAL_LOG_RETENTION_BYTES_CONFIG "local.retention.bytes"
    public static final String LOCAL_LOG_RETENTION_BYTES_DOC "The maximum size of local log segments that can grow for a partition before it deletes the old segments. Default value is -2, it represents `retention.bytes` value to be used. The effective value should always be less than or equal to `retention.bytes` value."
    public static final String LOCAL_LOG_RETENTION_MS_CONFIG "local.retention.ms"
    public static final String LOCAL_LOG_RETENTION_MS_DOC "The number of milli seconds to keep the local log segment before it gets deleted. Default value is -2, it represents `retention.ms` value is to be used. The effective value should always be less than or equal to `retention.ms` value."
    public static final String MAX_COMPACTION_LAG_MS_CONFIG "max.compaction.lag.ms"
    public static final String MAX_COMPACTION_LAG_MS_DOC "The maximum time a message will remain ineligible for compaction in the log. Only applicable for logs that are being compacted."
    public static final String MAX_MESSAGE_BYTES_CONFIG "max.message.bytes"
    public static final String MAX_MESSAGE_BYTES_DOC "The largest record batch size allowed by Kafka (after compression if compression is enabled). If this is increased and there are consumers older than 0.10.2, the consumers\' fetch size must also be increased so that they can fetch record batches this large. In the latest message format version, records are always grouped into batches for efficiency. In previous message format versions, uncompressed records are not grouped into batches and this limit only applies to a single record in that case."
    public static final String MESSAGE_DOWNCONVERSION_ENABLE_CONFIG "message.downconversion.enable"
    public static final String MESSAGE_DOWNCONVERSION_ENABLE_DOC "This configuration controls whether down-conversion of message formats is enabled to satisfy consume requests. When set to <code>false</code>, broker will not perform down-conversion for consumers expecting an older message format. The broker responds with <code>UNSUPPORTED_VERSION</code> error for consume requests from such older clients. This configurationdoes not apply to any message format conversion that might be required for replication to followers."
    public static final String MESSAGE_FORMAT_VERSION_CONFIG "message.format.version"
    public static final String MESSAGE_FORMAT_VERSION_DOC "[DEPRECATED] Specify the message format version the broker will use to append messages to the logs. The value of this config is always assumed to be `3.0` if `inter.broker.protocol.version` is 3.0 or higher (the actual config value is ignored). Otherwise, the value should be a valid ApiVersion. Some examples are: 0.10.0, 1.1, 2.8, 3.0. By setting a particular message format version, the user is certifying that all the existing messages on disk are smaller or equal than the specified version. Setting this value incorrectly will cause consumers with older versions to break as they will receive messages with a format that they don\'t understand."
    public static final String MESSAGE_TIMESTAMP_AFTER_MAX_MS_CONFIG "message.timestamp.after.max.ms"
    public static final String MESSAGE_TIMESTAMP_AFTER_MAX_MS_DOC "This configuration sets the allowable timestamp difference between the message timestamp and the broker\'s timestamp. The message timestamp can be later than or equal to the broker\'s timestamp, with the maximum allowable difference determined by the value set in this configuration. If message.timestamp.type=CreateTime, the message will be rejected if the difference in timestamps exceeds this specified threshold. This configuration is ignored if message.timestamp.type=LogAppendTime."
    public static final String MESSAGE_TIMESTAMP_BEFORE_MAX_MS_CONFIG "message.timestamp.before.max.ms"
    public static final String MESSAGE_TIMESTAMP_BEFORE_MAX_MS_DOC "This configuration sets the allowable timestamp difference between the broker\'s timestamp and the message timestamp. The message timestamp can be earlier than or equal to the broker\'s timestamp, with the maximum allowable difference determined by the value set in this configuration. If message.timestamp.type=CreateTime, the message will be rejected if the difference in timestamps exceeds this specified threshold. This configuration is ignored if message.timestamp.type=LogAppendTime."
    public static final String MESSAGE_TIMESTAMP_DIFFERENCE_MAX_MS_CONFIG "message.timestamp.difference.max.ms"
    public static final String MESSAGE_TIMESTAMP_DIFFERENCE_MAX_MS_DOC "[DEPRECATED] The maximum difference allowed between the timestamp when a broker receives a message and the timestamp specified in the message. If message.timestamp.type=CreateTime, a message will be rejected if the difference in timestamp exceeds this threshold. This configuration is ignored if message.timestamp.type=LogAppendTime."
    public static final String MESSAGE_TIMESTAMP_TYPE_CONFIG "message.timestamp.type"
    public static final String MESSAGE_TIMESTAMP_TYPE_DOC "Define whether the timestamp in the message is message create time or log append time. The value should be either `CreateTime` or `LogAppendTime`"
    public static final String MIN_CLEANABLE_DIRTY_RATIO_CONFIG "min.cleanable.dirty.ratio"
    public static final String MIN_CLEANABLE_DIRTY_RATIO_DOC "This configuration controls how frequently the log compactor will attempt to clean the log (assuming <a href=\"#compaction\">log compaction</a> is enabled). By default we will avoid cleaning a log where more than 50% of the log has been compacted. This ratio bounds the maximum space wasted in the log by duplicates (at 50% at most 50% of the log could be duplicates). A higher ratio will mean fewer, more efficient cleanings but will mean more wasted space in the log. If the max.compaction.lag.ms or the min.compaction.lag.ms configurations are also specified, then the log compactor considers the log to be eligible for compaction as soon as either: (i) the dirty ratio threshold has been met and the log has had dirty (uncompacted) records for at least the min.compaction.lag.ms duration, or (ii) if the log has had dirty (uncompacted) records for at most the max.compaction.lag.ms period."
    public static final String MIN_COMPACTION_LAG_MS_CONFIG "min.compaction.lag.ms"
    public static final String MIN_COMPACTION_LAG_MS_DOC "The minimum time a message will remain uncompacted in the log. Only applicable for logs that are being compacted."
    public static final String MIN_IN_SYNC_REPLICAS_CONFIG "min.insync.replicas"
    public static final String MIN_IN_SYNC_REPLICAS_DOC "When a producer sets acks to \"all\" (or \"-1\"), this configuration specifies the minimum number of replicas that must acknowledge a write for the write to be considered successful. If this minimum cannot be met, then the producer will raise an exception (either NotEnoughReplicas or NotEnoughReplicasAfterAppend).<br>When used together, <code>min.insync.replicas</code> and <code>acks</code> allow you to enforce greater durability guarantees. A typical scenario would be to create a topic with a replication factor of 3, set <code>min.insync.replicas</code> to 2, and produce with <code>acks</code> of \"all\". This will ensure that the producer raises an exception if a majority of replicas do not receive a write."
    public static final String PREALLOCATE_CONFIG "preallocate"
    public static final String PREALLOCATE_DOC "True if we should preallocate the file on disk when creating a new log segment."
    public static final String REMOTE_LOG_STORAGE_ENABLE_CONFIG "remote.storage.enable"
    public static final String REMOTE_LOG_STORAGE_ENABLE_DOC "To enable tiered storage for a topic, set this configuration as true. You can not disable this config once it is enabled. It will be provided in future versions."
    public static final String RETENTION_BYTES_CONFIG "retention.bytes"
    public static final String RETENTION_BYTES_DOC "This configuration controls the maximum size a partition (which consists of log segments) can grow to before we will discard old log segments to free up space if we are using the \"delete\" retention policy. By default there is no size limit only a time limit. Since this limit is enforced at the partition level, multiply it by the number of partitions to compute the topic retention in bytes."
    public static final String RETENTION_MS_CONFIG "retention.ms"
    public static final String RETENTION_MS_DOC "This configuration controls the maximum time we will retain a log before we will discard old log segments to free up space if we are using the \"delete\" retention policy. This represents an SLA on how soon consumers must read their data. If set to -1, no time limit is applied."
    public static final String SEGMENT_BYTES_CONFIG "segment.bytes"
    public static final String SEGMENT_BYTES_DOC "This configuration controls the segment file size for the log. Retention and cleaning is always done a file at a time so a larger segment size means fewer files but less granular control over retention."
    public static final String SEGMENT_INDEX_BYTES_CONFIG "segment.index.bytes"
    public static final String SEGMENT_INDEX_BYTES_DOC "This configuration controls the size of the index that maps offsets to file positions. We preallocate this index file and shrink it only after log rolls. You generally should not need to change this setting."
    public static final String SEGMENT_JITTER_MS_CONFIG "segment.jitter.ms"
    public static final String SEGMENT_JITTER_MS_DOC "The maximum random jitter subtracted from the scheduled segment roll time to avoid thundering herds of segment rolling"
    public static final String SEGMENT_MS_CONFIG "segment.ms"
    public static final String SEGMENT_MS_DOC "This configuration controls the period of time after which Kafka will force the log to roll even if the segment file isn\'t full to ensure that retention can delete or compact old data."
    public static final String UNCLEAN_LEADER_ELECTION_ENABLE_CONFIG "unclean.leader.election.enable"
    public static final String UNCLEAN_LEADER_ELECTION_ENABLE_DOC "Indicates whether to enable replicas not in the ISR set to be elected as leader as a last resort, even though doing so may result in data loss."
  • org.apache.kafka.common.security.oauthbearer.OAuthBearerLoginCallbackHandler 
    Modifier and Type Constant Field Value
    public static final String CLIENT_ID_CONFIG "clientId"
    public static final String CLIENT_ID_DOC "The OAuth/OIDC identity provider-issued client ID to uniquely identify the service account to use for authentication for this client. The value must be paired with a corresponding clientSecret value and is provided to the OAuth provider using the OAuth clientcredentials grant type."
    public static final String CLIENT_SECRET_CONFIG "clientSecret"
    public static final String CLIENT_SECRET_DOC "The OAuth/OIDC identity provider-issued client secret serves a similar function as a password to the clientId account and identifies the service account to use for authentication for this client. The value must be paired with a corresponding clientId value and is provided to the OAuth provider using the OAuth clientcredentials grant type."
    public static final String SCOPE_CONFIG "scope"
    public static final String SCOPE_DOC "The (optional) HTTP/HTTPS login request to the token endpoint (sasl.oauthbearer.token.endpoint.url) may need to specify an OAuth \"scope\". If so, the scope is used to provide the value to include with the login request."
  • org.apache.kafka.common.security.oauthbearer.OAuthBearerLoginModule 
    Modifier and Type Constant Field Value
    public static final String OAUTHBEARER_MECHANISM "OAUTHBEARER"