October 25, 2022

Kafka Security – did you miss something?

Communication security, authentication, authorization and message security. There are a lot of security settings you need to configure when working with Apache Kafka. In this blog post, Richard explains the four key security subjects.

Table name
Lorem ipsum
Lorem ipsum
Lorem ipsum

Answers to your questions about Axual’s All-in-one Kafka Platform

Are you curious about our All-in-one Kafka platform? Dive into our FAQs
for all the details you need, and find the answers to your burning questions.

How does Apache Kafka handle authorization and access control?

Apache Kafka uses Access Control Lists (ACLs) to manage authorization. ACLs specify which clients are allowed or denied access to specific resources, such as topics, consumer groups, or clusters, based on their principal name (authenticated identity). Kafka’s ACLs allow fine-grained control over permissions like read, write, and delete. Custom authorization models can also be implemented by configuring Kafka’s authorizer class. This ensures that only authorized users can perform certain actions within the Kafka ecosystem.

What authentication methods are available in Apache Kafka?

Apache Kafka supports several authentication methods, including TLS Client Authentication (Mutual TLS), SASL (Simple Authentication and Security Layer) with mechanisms like PLAIN, SCRAM, GSSAPI (Kerberos), and OAUTHBEARER. Each of these methods ensures that only authorized clients can connect to the Kafka cluster. Organizations can choose the authentication mechanism that best fits their security needs, including integrating with OAuth2 or existing Kerberos servers for centralized management.

Richard Bosch
Richard Bosch
Developer Advocate