AWS Networking Overview on Confluent Cloud

Confluent Cloud supports the public and private networking solutions on AWS.

Public networking solutions

Confluent Cloud offers data in motion services that can be shared across organizations over the secure public endpoints. Confluent Cloud services include the public connectivity for the Basic, Standard, and Dedicated cluster types.

All connections to Confluent Cloud are encrypted with TLS 1.2 and require authentication using API keys, regardless of network configuration.

Confluent Cloud clusters with secure public endpoints are protected by a proxy layer that prevents types of DoS, DDoS, syn flooding, and other network-level attacks.

For Confluent Cloud clusters with public connectivity, you can use public egress IP addresses to communicate with external resources (such as data sources and sinks for managed connectors) over the secure public endpoints. For details, see Use Public Egress IP Addresses on Confluent Cloud for Connectors and Cluster Linking.

Private networking solutions

Confluent Cloud supports data in motion services that are shared privately with organizations on private networks and offers additional customization and controls for security and privacy.

Private networking in Confluent Cloud is supported for Dedicated clusters and Enterprise clusters with the following networking solutions:

• AWS VPC Peering
• AWS PrivateLink for Dedicated clusters
• AWS PrivateLink for Enterprise clusters
• AWS Transit Gateway