What is the recommended method to secure kafka-connect?

yk1113 · 29 August 2023 20:12

I am running Kafka connect in a Shared environment where I only have access to a public port to connect to the instance(s) over https

Currently, anyone with the endpoints can see my workers and my secrets as well as to make unwelcome mutations like removing or adding more workers

What is the latest recommendation to secure this endpoint? Sadly, I do not have the ability to use port-forwarding techniques to hide the access nor do I have access to any firewall to change this

I heard that basic authentication is an option but I have not tried it myself yet

Thanks in advance!

OneCricketeer · 4 September 2023 01:21

Authentication isn’t really enough. You’ll need authorization to lock down who can perform what actions. See RBAC - Get Started With RBAC and Kafka Connect | Confluent Documentation

There’s also an option to add rest.extension.classes to add http middleware to perform any such protections, based on your custom requirements.

yk1113 · 4 September 2023 05:18

I settled with rest.extension.classes for now

Thanks!

system · 11 September 2023 05:18

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Securing connect rest endpoints Kafka Connect	2	3360	16 February 2021
Authentication failure connect from controlcenter Kafka Connect	1	2702	5 November 2022
Connect Kafka REST Proxy to Confluent Cloud cluster using RBAC REST Proxy	7	21	15 September 2024
Multiple Authentication mechanism with Client Architecture and Design	0	1245	2 November 2023
First connect via SSL Kafka Connect	4	4055	21 January 2022

What is the recommended method to secure kafka-connect?

Related topics