Best Practices for IP Filtering on Confluent Cloud

Review the following best practices for using IP Filtering to control access to your Confluent Cloud resources. While not a substitute for other security measures, IP filtering can help you reduce the likelihood of unauthorized access to your Confluent Cloud resources.

Use meaningful names for IP filters and IP groups

Use meaningful names for IP filters and IP groups to make it easier to identify them and streamline the organization of IP filters based on IP groups.

Example

IP filter: “Access from US Offices”

Associated IP groups: “SF Office” and “NYC Office”

Monitor audit logs for unauthorized access

Audit log records can help identify compromised credentials for a user or service account. If an attacker attempts to use compromised credential from an IP address that is not covered by an IP filter, the request is denied and is added to your audit log. You can monitor audit logs for unauthorized access attempts by tracking ip-filter.Authorize events in your audit logs. For more information, see Audit Logs and IP Filter Authorization Auditable Event Methods on Confluent Cloud.

Related content

• IP Filtering (overview)
• Manage IP Filters
• Manage IP Groups
• Confluent CLI Reference: confluent iam ip-group
• Confluent CLI Reference: confluent iam ip-filter
• Confluent API Reference: IP Groups
• Confluent API Reference: IP Filters