You are viewing documentation for an older version of Confluent Platform. For the latest, click here.

Security Overview

REST Proxy supports SSL for securing communication between REST clients and the REST Proxy (HTTPS), and both SSL and SASL to secure communication between REST Proxy and Apache Kafka.

For more details, check the configuration options.

By default, all the requests to the broker use the same Kerberos Principal or the SSL certificate to communicate with the broker when the is configured to be either of SSL, SASL_PLAIN, or SASL_SSL. With this behavior, it’s not possible to set fine-grained ACL’s for individual topics. This behavior can be modified by using the Confluent Security Plugins. Refer to Kafka Rest Security Plugins for more details.