Docs Self-Managed Reference rpk Commands rpk security rpk security acl rpk security acl delete This is documentation for Self-Managed v24.2. To view the latest available version of the docs, see v24.3. rpk security acl delete Delete ACLs. See the rpk security acl help text for a full write up on ACLs. Delete flags work in a similar multiplying effect as creating ACLs, but delete is more advanced: deletion works on a filter basis. Any unspecified flag defaults to matching everything (all operations, or all allowed principals, etc). To ensure that you do not accidentally delete more than you intend, this command prints everything that matches your input filters and prompts for a confirmation before the delete request is issued. Anything matching more than 10 ACLs doubly confirms. As mentioned, not specifying flags matches everything. If no resources are specified, all resources are matched. If no operations are specified, all operations are matched. You can also opt in to matching everything with "any": --operation any matches any operation. The --resource-pattern-type, defaulting to "any", configures how to filter resource names: "any" returns exact name matches of either prefixed or literal pattern type "match" returns wildcard matches, prefix patterns that match your input, and literal matches "prefix" returns prefix patterns that match your input (prefix "fo" matches "foo") "literal" returns exact name matches Examples Delete all permissions to user bar on topic foo and group g: rpk security acl delete --allow-principal bar --operation all --topic foo --group g In a scenario that 2 ACLs were created for the same role (red-role), 1 that allows access to topic foo, 1 that deny access to topic bar: rpk security acl create --topic foo --operation all --allow-role red-role rpk security acl create --topic bar --operation all --deny-role red-role It’s possible to delete one of the roles: rpk security acl delete --topic foo --operation all --allow-role red-role Usage rpk security acl delete [flags] Flags Value Type Description --allow-host strings Allowed host ACLs to remove (repeatable). --allow-principal strings Allowed principal ACLs to remove (repeatable). --allow-role strings Allowed role to remove this ACL from (repeatable). --cluster - Whether to remove ACLs to the cluster. --deny-host strings Denied host ACLs to remove (repeatable). --deny-principal strings Denied principal ACLs to remove (repeatable). --deny-role strings Denied role for ACLs to remove (repeatable). -d, --dry - Dry run: validate what would be deleted. --group strings Group to remove ACLs for (repeatable). -h, --help - Help for delete. --no-confirm - Disable confirmation prompt. --operation strings Operation to remove (repeatable). -f, --print-filters - Print the filters that were requested (failed filters are always printed). --resource-pattern-type string Pattern to use when matching resource names (any, match, literal, or prefixed) (default "any"). --topic strings Topic to remove ACLs for (repeatable). --transactional-id strings Transactional IDs to remove ACLs for (repeatable). --config string Redpanda or rpk config file; default search paths are /var/lib/redpanda/.config/rpk/rpk.yaml, $PWD/redpanda.yaml, and /etc/redpanda/redpanda.yaml. -X, --config-opt stringArray Override rpk configuration settings. See rpk -X or execute rpk -X help for inline detail or rpk -X list for terser detail. --profile string Profile to use. See rpk profile for more details. -v, --verbose - Enable verbose logging. Back to top × Simple online edits For simple changes, such as fixing a typo, you can edit the content directly on GitHub. Edit on GitHub Or, open an issue to let us know about something that you want us to change. Open an issue Contribution guide For extensive content updates, or if you prefer to work locally, read our contribution guide . Was this helpful? thumb_up thumb_down group Ask in the community mail Share your feedback group_add Make a contribution rpk security acl create rpk security acl list