Confluent Control Center Security

Configuring security for Control Center requires planning and needs to be done carefully. Because Control Center relies on Kafka Connect, Apache Kafka® brokers, Kafka Streams, interceptors, and metrics reporters to work properly, there are numerous options that should be set depending on a particular environment or requirement.

Confluent recommends reviewing Kafka Security and the associated components before configuring security for Control Center.

Important

After a component is secured, it will be unable to communicate with other non-secured components. For instance, if you have a secured Kafka broker and a secured Control Center, but you have not secured Connect, Control Center will behave sporadically when you attempt to use it. Be sure to secure all components in your environment.

• Configuring SSL
  • Kafka Brokers
  • Control Center Kafka Streams
  • Connect
    • Configuring Connect Worker Interceptors with SSL
    • Configuring Control Center to communicate with Connect over HTTPS
  • ksqlDB
  • Schema Registry
• Control Center Configuring SASL
  • ZooKeeper
  • Kafka Broker
  • Control Center Configuration
  • Schema Registry Configuration
  • Connect Configuration
• Control Center UI Authentication
  • UI HTTPS
• Configuring Control Center to work with Kafka ACLs
• Configuring Control Center with LDAP authentication
  • Escaping special characters
  • Configure Control Center JAAS
  • Start Control Center
  • Configure LdapLoginModule
• Configure RBAC for Control Center
  • Prerequisites
    • Recommended Confluent Platform RBAC reading
  • Limitations
  • Control Center resource access by role
    • About alerts access
  • Configure RBAC for Control Center
  • Set RBAC configuration options in the Control Center properties file
  • Add a role binding for the Control Center user
  • Role privileges
    • Topic management privileges by role in Control Center
    • Topic role binding examples
    • Connector privileges by role in Control Center
    • Connector role binding examples
    • Add a connector in Control Center fields considerations
    • ksqlDB privileges by role in Control Center
    • ksqlDB role binding example
  • Known issues with RBAC in Control Center
    • Control Center connections to external clusters
    • Control Center service principal role
    • Control Center deprecated views
    • Connect and ksqlDB clusters user access
  • Troubleshoot RBAC in Control Center
  • Disable RBAC
• Manage and view RBAC roles in Control Center
  • Log in to Control Center when RBAC enabled
  • Manage RBAC roles with Control Center
    • Prerequisites
    • Role permissions required for managing roles
      • Roles page
      • Manage Role Assignments page
    • Add a role assignment
      • Add role assignment form
        • Fields
      • Add a role assignment (cluster scope)
      • Add a role assignment (resource scope)
    • Delete a role assignment
      • Delete a role assignment (cluster or resource)
    • Troubleshoot role assignments
  • View your RBAC roles in Control Center
    • Roles page
    • View My Role Assignments