Use Public Connectivity for Confluent Cloud Clusters on AWS

Confluent Cloud offers data in motion services, such as Kafka, ksqlDB, Schema Registry, and Audit Logs, that can be shared across organizations over the internet on AWS. Confluent Cloud services include internet connectivity for the Basic, Standard, and Dedicated cluster types.

Because the cloud infrastructure used by Confluent Cloud does not guarantee static IP addresses for public ingress endpoints, such as Kafka brokers, the Confluent REST API, and the Telemetry API, DNS is used to provide a consistent address. The underlying IP addresses might be stable for a period of time, but they are subject to change at any time and can be any public IP address the cloud provider uses in the region where the cluster is located. Do not rely on them for any purpose.

Confluent provides egress public IP addresses that you can use for communicating between Kafka clusters (with public networking) in Confluent Cloud and external data sources and sinks. For more information, see Use Public Egress IP Addresses on Confluent Cloud for Connectors and Cluster Linking and Public Egress IP Addresses for Confluent Cloud Connectors.

There is no support for public ingress IP addresses. However, DNS resolution for each Kafka cluster follows a predictable pattern. For example, if your cluster bootstrap URL is pkc-12345.<region>.<cloud>.<tld> and the default broker prefix is used, all broker endpoints will be of the format:

b0-pkc-12345.<region>.<cloud>.<tld>
b1-pkc-12345.<region>.<cloud>.<tld>
b2-pkc-12345.<region>.<cloud>.<tld>
...
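
Because only the DNS names are stable, an egress filter for these clusters has to match on hostname rather than IP address. The following is an added example, not part of Confluent's documentation: it derives a strict hostname check from the bootstrap name. The function names, the sample hostname, and the assumption that the broker index is a plain decimal integer are illustrative.

```python
import re

# Constructed sample; substitute your cluster's real bootstrap hostname.
BOOTSTRAP = "pkc-12345.us-west-2.aws.example.test"

def normalize(host):
    """Lower-case and drop one trailing root dot (DNS names are case-insensitive)."""
    host = host.strip().lower()
    return host[:-1] if host.endswith(".") else host

def build_matcher(bootstrap_host):
    """Compile a pattern for the bootstrap name and its b<N>- broker names."""
    # Escape the name so its dots are literal and cannot act as wildcards.
    base = re.escape(normalize(bootstrap_host))
    # Assumption: default broker prefix, index N is a decimal integer (b0, b1, ...).
    return re.compile(rf"(?:b[0-9]+-)?{base}")

def is_allowed(host, matcher):
    """Full match only, so look-alike prefixes and appended suffixes are rejected."""
    return matcher.fullmatch(normalize(host)) is not None

def broker_hosts(bootstrap_host, count):
    """List the first `count` broker names, e.g. for a proxy ACL without regex support."""
    base = normalize(bootstrap_host)
    return [f"b{i}-{base}" for i in range(count)]

if __name__ == "__main__":
    matcher = build_matcher(BOOTSTRAP)
    candidates = [
        BOOTSTRAP,
        "b0-" + BOOTSTRAP,
        "B17-" + BOOTSTRAP.upper() + ".",    # case and root dot are normalized
        "b0-" + BOOTSTRAP + ".evil.example",  # suffix appended to a valid name
        "xb0-" + BOOTSTRAP,                   # look-alike prefix
        "b-" + BOOTSTRAP,                     # missing broker index
    ]
    for name in candidates:
        print(f"{'ALLOW' if is_allowed(name, matcher) else 'DENY ':5}  {name}")
```

Proxies that accept only literal hostnames can use the output of `broker_hosts`, but the list then has to be regenerated whenever the number of brokers changes.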

The following blog posts describe how common outbound proxies handle IP address changes: