[Workshop] Stream Processing Made Easy With Flink | Register Now

Presentation

Overcoming the Perils of Kafka Secret Sprawl

« Kafka Summit 2020

Secrets are indisputably the biggest risk area in the authentication arena and Apache Kafka is no exception. Kafka services are typically configured using properties files which contain plain text secret configurations, upon startup these configurations are transmitted in clear text to different components, stored in filesystem, internal topics and logs thus creating a secret sprawl.

This talk will deep dive into how we can eliminate this secret sprawl by adding Config Providers to integrate with centralized management systems such as Vault, Keywhiz, or AWS Secrets Manager.

We’ll cover:
• Security implications of clear text secrets and secret sprawl
• Insecure parsing of secrets configurations in Kafka
• Know how about Kafka Config Providers
• Centralized Management Systems
• How to secure Kafka with CP and CMS
• Trust but Verify ~ Demo

Related Links

How Confluent Completes Apache Kafka eBook

Leverage a cloud-native service 10x better than Apache Kafka

Confluent Developer Center

Spend less on Kafka with Confluent, come see how