Before you go, we want to provide you with a couple of general recommendations as well as a security checklist. The checklist won't cover all use cases but it should serve as a useful outline.
Learn the systems and tools that your organization already uses so that your security team doesn’t have to provide you with a custom solution. This will save setup time now and additional time in the future if you decide to make your Kafka cluster available to more teams in your organization.
Securing your Kafka cluster should be a key success metric of your project, rather than an afterthought. It is much easier to start from a secure standpoint in a development environment, rather than to try and add it retroactively to production.
Due to the wide variety of Kafka use cases across industries, it’s impossible to suggest a “do this and you'll never have to worry” solution. However, what follows is a list of items to discuss and have a plan for, and some recommendations that aren’t required but that will help you to start out on the right foot.
Set connections.max.reauth.ms to enable reauthentication if you are using SASL, which forces your clients to reauthenticate their connections and have their credentials verified on an ongoing basis.
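The following Python script is an added example, not part of the original course material. It checks a broker properties file for SASL listeners on which connections.max.reauth.ms is unset or 0, which leaves reauthentication disabled. The sample configuration and its listener names are constructed, and the script assumes only two key forms matter: the listener-and-mechanism-prefixed key and the broker-wide key.

```python
# Added example: flag SASL listeners that never re-authenticate clients.
SAMPLE = """\
# constructed sample broker configuration
listeners=INTERNAL://:9092,CLIENT://:9093,ADMIN://:9094
listener.security.protocol.map=INTERNAL:SSL,CLIENT:SASL_SSL,ADMIN:SASL_SSL
sasl.enabled.mechanisms=SCRAM-SHA-512
listener.name.admin.scram-sha-512.connections.max.reauth.ms=3600000
"""
REAUTH = "connections.max.reauth.ms"

def parse_properties(text):
    """Parse key=value lines, skipping blanks and comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(("#", "!")) or "=" not in line:
            continue
        key, _, value = line.partition("=")
        props[key.strip()] = value.strip()
    return props

def sasl_listeners(props):
    """Listener names whose protocol is SASL_PLAINTEXT or SASL_SSL."""
    names = [e.split("://")[0].strip()
             for e in props.get("listeners", "").split(",") if e.strip()]
    pairs = props.get("listener.security.protocol.map", "").split(",")
    mapping = dict(p.strip().split(":", 1) for p in pairs if ":" in p)
    # With no map entry, the listener name itself names the protocol.
    return [n for n in names if mapping.get(n, n).upper().startswith("SASL_")]

def audit(text):
    """Return (listener, mechanism) pairs with re-authentication disabled."""
    props = parse_properties(text)
    enabled = props.get("sasl.enabled.mechanisms", "GSSAPI")  # broker default
    mechs = [m.strip() for m in enabled.split(",") if m.strip()]
    findings = []
    for name in sasl_listeners(props):
        for mech in mechs:
            key = f"listener.name.{name.lower()}.{mech.lower()}.{REAUTH}"
            # The prefixed key wins; otherwise the broker-wide key; default 0.
            value = props.get(key, props.get(REAUTH, "0"))
            if int(value) <= 0:
                findings.append((name, mech))
    return sorted(findings)

if __name__ == "__main__":
    for listener, mech in audit(SAMPLE):
        print(f"{listener} ({mech}): {REAUTH} is disabled")
```

On the constructed sample only the CLIENT listener is reported, because ADMIN carries a prefixed override and INTERNAL does not use SASL.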
This list is not exhaustive but should provide you with the means to get started. Make sure to review the official Kafka documentation as well as Kafka: The Definitive Guide for more details.
Additionally, keep in mind that managed Confluent Cloud removes much of the heavy lifting with respect to ops and security and provides the best cloud Kafka service with enterprise-grade features. If you do try out Confluent Cloud, make sure to use the promo code with this course to get additional credits.