What is the recommended method to secure kafka-connect?

I am running Kafka connect in a Shared environment where I only have access to a public port to connect to the instance(s) over https

Currently, anyone with the endpoints can see my workers and my secrets as well as to make unwelcome mutations like removing or adding more workers

What is the latest recommendation to secure this endpoint? Sadly, I do not have the ability to use port-forwarding techniques to hide the access nor do I have access to any firewall to change this

I heard that basic authentication is an option but I have not tried it myself yet

Thanks in advance!

Authentication isn’t really enough. You’ll need authorization to lock down who can perform what actions. See RBAC - Get Started With RBAC and Kafka Connect | Confluent Documentation

There’s also an option to add rest.extension.classes to add http middleware to perform any such protections, based on your custom requirements.

I settled with rest.extension.classes for now


This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.