Release blog 2025.2 - The summer release

Axual 2025.2 has arrived with critical enhancements for enterprise streaming. While others chase the latest trends, we've focused on what actually matters: centralized authentication options, improved governance tracking, and better stream processing capabilities. These features directly address the governance, security, and operational challenges that come with running Kafka at enterprise scale.

The reality is that most Kafka implementations aren't prepared for tomorrow's compliance requirements or security threats. With 2025.2, we're addressing the governance and security requirements that enterprise architects need to manage effectively.

Let's examine what's new.

Enhanced audit history in self-service

The Audit History feature now delivers the forensic capabilities enterprise environments demand. Building on 2025.1’s foundation, we’ve expanded tracking to capture complete context for every governance action. Configuration changes, access grants, and resource modification are recorded with full details of what changed, not who made the change and when.

Complete governance visibility

Tenant admins can now investigate any governance event through comprehensive filtering: by resource type and name, actor, action type, or time range. This granular visibility serves two critical purposes: rapid incident troubleshooting when something goes wrong, and demonstrable compliance when auditors come calling. 

‍

Access the Audit history through the tenant menu to view all organizational events. Whether you’re tracking down a misconfiguration from last month or preparing compliance reports for your next audit, the data is there, searchable, and audit-ready.

‍

Learn more about Audit history configuration

OAuth bearer support for the REST Proxy

Certificate management for REST Proxy authentication creates unnecessary complexity, especially when your organization already runs enterprise OAuth infrastructure. With 2025.2, we've eliminated this friction by adding OAuth bearer token support to the REST Proxy.

Enterprise authentication, simplified

Connect legacy applications, third-party services, and HTTP-based systems to Kafka using the authentication infrastructure you already trust. The REST Proxy now validates JWT tokens against your configured OAuth/OIDC provider, extracts the principal, and verifies access rights. All without managing additional certificates.

This matters most for organizations with established identity providers like Azure AD, Okta, or Keycloak. Your existing authentication patterns now extend seamlessly to Kafka access, maintaining consistent security policies across your entire technology stack. No special cases, no certificate sprawl, no security compromises for convenience.

You can find more information about OAuth for REST Proxy here

KSML improvements

Stream processing applications need precise lifecycle control. Too often, they either restart endlessly when they should stop, or fail silently when they should restart. KSML improvements in 2025.2 give you explicit control over application behavior while strengthening monitoring capabilities.

Controlled application lifecycles

The new restart policy configuration transforms how KSML applications behave on exit. Need continuous processing? Configure automatic restarts. Running one-time data generation? Set on-exit to ensure clean completion. When configured for single runs, KSML applications run once and are terminated

Consider test data generation: define a KSML application that produces exactly 50 messages to a topic, then exits. Clean, repeatable, automated. No zombie processes consuming resources or requiring cleanup.

Production-ready monitoring

We've integrated Prometheus Rules directly into KSML helm charts with alerts for the failures that matter: pods not ready, out-of-memory conditions, and excessive restarts. You'll know when applications misbehave before they impact downstream systems.

These improvements mean teams can focus on stream processing logic rather than infrastructure complexity. Axual handles the compilation, packaging, and deployment mechanics behind the scenes. Deploy standardized stream processing patterns across your organization without every team becoming Kubernetes experts.

Explore the KSML documentation here

General improvements

Beyond the headline features, 2025.2 includes numerous refinements based on real-world usage at companies like Eneco and TenneT. Performance optimizations, UI enhancements, and bug fixes that collectively improve the day-to-day experience of managing enterprise Kafka.

Check them out here.

Begin your Kafka journey with Axual

Still managing Kafka with spreadsheets and scripts? Worried about your next compliance audit? Struggling to give teams autonomy without losing control? These aren't unique problems, they're symptoms of trying to run enterprise Kafka without enterprise governance.

Your next steps: Schedule a technical discussion with our architects

Axual 2025.2 is about evolutionary improvements that address the governance, security, and operational challenges you actually face. Because in the enterprise world, sustainable progress beats disruptive hype every time.

Ready to future-proof your Kafka implementation? Contact us to discuss how Axual 2025.2 can strengthen your streaming infrastructure via this link.