I have a 3-node Kafka cluster and 2 Kafka clients, one producer and one consumer. I have enabled SSL authentication. I want to enable authorization for the cluster. I have added the property below to server.properties on the broker nodes.
authorizer.class.name=kafka.security.auth.SimpleAclAuthorizer
I know that it is ZooKeeper which stores the ACL information. I want to know who can set the authorizations for different clients, and how are the authorizations set?
After you've set authorizer.class.name=kafka.security.auth.SimpleAclAuthorizer, the cluster checks every connection to the broker via authorization.
Who can set the authorization for different clients?
I think any user who can execute the kafka-acls.sh executable can set the authorization. If you need to limit the ability to only yourself, you could change the permissions of the file to 700.
How is the authorization set?
After setting the SimpleAclAuthorizer, by default, users are not allowed access to any resource unless it's specified in the ACLs. You can add a new ACL as follows:
bin/kafka-acls --authorizer-properties zookeeper.connect=localhost:2181 --add --allow-principal User:Bob --allow-principal User:Alice --allow-host 198.51.100.0 --allow-host 198.51.100.1 --operation Read --operation Write --topic Test-topic
The above command adds an ACL allowing users Bob and Alice, connecting from hosts 198.51.100.0 and 198.51.100.1, the 'read' and 'write' operations on the topic 'Test-topic'. Adding and removing ACLs has been explained clearly here.
Let me know if you have any more doubts.
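As an added example (not code from the question or the answer above), the script below grants the two clients from the question, one producer and one consumer, their minimum ACLs on a topic using the same kafka-acls CLI the answer shows. The ZooKeeper address, topic, consumer group and certificate DNs are assumed values. Two things the answer's command does not show: with SSL authentication the principal Kafka sees is the certificate's full subject DN unless ssl.principal.mapping.rules rewrites it, so it must be passed as one quoted argument; and kafka-acls.sh writes straight into ZooKeeper, so it works from any host that can reach ZooKeeper, which means ZooKeeper's own znode ACLs (zookeeper.set.acl=true with SASL to ZooKeeper) are what bound who can change ACL entries.

```shell
#!/bin/sh
# Added example, not code from the original question or answer: grant a
# producer and a consumer the minimum ACLs on one topic with kafka-acls.
# Assumptions (all hypothetical): ZooKeeper at zk1:2181, topic "Test-topic",
# consumer group "test-group", and client certificates whose subject DNs are
# the ones below. With SSL authentication and no ssl.principal.mapping.rules
# on the brokers, the principal is the full DN, so it is passed as a single
# quoted argument: "User:CN=producer,OU=Clients,O=Example Inc,C=US".
set -eu

ZK=${ZK:-zk1:2181}
# Path to the CLI on a host that can reach ZooKeeper (override for testing).
KAFKA_ACLS=${KAFKA_ACLS:-bin/kafka-acls.sh}
PRODUCER_DN="CN=producer,OU=Clients,O=Example Inc,C=US"
CONSUMER_DN="CN=consumer,OU=Clients,O=Example Inc,C=US"

# --producer is the CLI's shorthand for Write and Describe on the topic plus
# Create on the cluster. The Create ACL only matters if the topic may be
# auto-created; to avoid granting it, spell out
# --operation Write --operation Describe instead of --producer.
grant_producer() {
  dn=$1; topic=$2
  "$KAFKA_ACLS" --authorizer-properties "zookeeper.connect=$ZK" \
    --add --allow-principal "User:$dn" --producer --topic "$topic"
}

# --consumer is shorthand for Read and Describe on the topic plus Read on the
# consumer group. Without the group ACL the consumer can describe the topic
# but is refused when it tries to join the group.
grant_consumer() {
  dn=$1; topic=$2; group=$3
  "$KAFKA_ACLS" --authorizer-properties "zookeeper.connect=$ZK" \
    --add --allow-principal "User:$dn" --consumer --topic "$topic" --group "$group"
}

# Read back what is now stored in ZooKeeper (under the /kafka-acl znode)
# for the topic, so the grant can be verified before clients are started.
list_topic_acls() {
  topic=$1
  "$KAFKA_ACLS" --authorizer-properties "zookeeper.connect=$ZK" --list --topic "$topic"
}

# Nothing runs unless the script is invoked with "apply", so it can also be
# sourced to reuse the functions.
case "${1:-}" in
  apply)
    grant_producer "$PRODUCER_DN" Test-topic
    grant_consumer "$CONSUMER_DN" Test-topic test-group
    list_topic_acls Test-topic
    ;;
esac
```

Run it as `sh grant_client_acls.sh apply` from the Kafka installation directory (or set KAFKA_ACLS to the full path of kafka-acls.sh). The principal strings must match the DN exactly as the broker reports it; if clients are refused after the grant, compare the DN in the broker's authorizer log line against the one in the ACL before changing anything else. On newer Kafka versions the same flags also work against the brokers with --bootstrap-server and --command-config in place of --authorizer-properties.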