Confluent Control Center Security¶
Configuring security for Control Center requires planning and needs to be done carefully. Because Control Center relies on Kafka Connect, Apache Kafka® brokers, Kafka Streams, interceptors and metrics reporters to work properly, there are numerous options that could be set depending on a particular environment or requirement.
Confluent recommends reviewing Kafka Security and the associated components before configuring security for Control Center.
Important
After a component is secured, it will be unable to communicate with other non-secured components. For instance, if you have a secured Kafka broker and a secured Control Center, but you have not secured Connect, Control Center will behave sporadically when you attempt to use or view it. Be sure to secure all components in your environment.
- Configuring SSL
- Control Center Configuring SASL
- Control Center UI Authentication
- Configuring Control Center with LDAP authentication
- Role-based access control (RBAC) in Confluent Control Center
- Prerequisites
- Limitations
- Control Center resource access by role
- Configure RBAC for Control Center
- Set RBAC configuration options in the Control Center properties file
- Add a role binding for the Control Center user
- Role privileges
- Topic management privileges by role in Control Center
- Topic role binding examples
- Schema Registry in Control Center
- Connector privileges by role in Control Center
- Connector role binding examples
- Add a connector in Control Center fields considerations
- KSQL privileges by role in Control Center
- KSQL role binding example
- Known issues with RBAC in Control Center
- Troubleshoot RBAC in Control Center
- Disable RBAC