Confluent Platform completes Kafka with enterprise-grade security capabilities to ensure confidentiality of critical information, traceability of user actions and secure access to resources with scalability and standardization.
Secret Protection safeguards all critically sensitive information (e.g passwords and tokens) within Kafka with at-rest encryption of configuration files. It encrypts not only Kafka files, but any config file published to Kafka.
RBAC is a centralized implementation for secure access to Kafka resources with fine-tuned granularity and platform-wide standardization. Control permissions by users/groups to clusters, topics, consumers groups and even individual connectors.
Avoid risk by ensuring that confidential information, such as user passwords, is only visible to authorized users. Secret Protection provides:
Capture the actions taken by users to detect abnormal behavior, identify potential security threats, and address compliance requirements related to information security. Structured Audit Logs allows you:
To provide industry-backed standardization, Structured Audit Logs uses the CloudEvents specification to define the log syntax.
Control permissions by users and groups to shared platform resources, such as clusters, topics, and even individual connectors. RBAC allows you to run multi-tenant clusters, allowing for more scalable operations and more efficient use of resources.
RBAC integrates with existing security authorization systems (AD/LDAP) to allow you to naturally handle permissions using a common user inventory across existing IT systems.
Delegate the responsibility of managing access permissions to true resource owners, such as departments and business units. RBAC helps you scale Kafka more efficiently, because it spreads the operational load of managing authorization across a variety of users, which eliminates bottlenecks.
Simplifies security management across your organization by using Control Center to view your own permissions, as well as manage role bindings for your downstream stakeholders.
Leverage a single framework to centrally manage and enforce security authorization across the entire Confluent Platform to ensure security at scale. RBAC delivers comprehensive authorization enforced via: