Manage Identity Pools for mTLS authentication on Confluent Cloud

You can create, update, and delete identity pools for mTLS authentication using the Confluent Cloud Console, the Confluent CLI, and the Confluent Cloud APIs.

Create an identity pool for mTLS

To create an identity pool for mTLS:

  1. In the Confluent Cloud Console, go to Account & access, then click Workload identities. Alternatively, click https://confluent.cloud/settings/org/workload-identities.
  2. Select the specific Certificate authority to create the identity pool for.
  3. Click Add identity pool if none exists; otherwise, click Add pool. The New identity pool page displays.
  4. Configure the identity pool using the following fields:
  5. Select the granular permissions to Confluent Cloud resources for the identity pool.
  6. Review the confirmation page and then click Validate and save. The identity pool is created and added to the list of identity pools.

Describe an identity pool for mTLS

Get the details of an identity pool for mTLS.

To describe an identity pool for mTLS:

  1. In the Confluent Cloud Console, go to Account & access, then click Workload identities. Alternatively, click https://confluent.cloud/settings/org/workload-identities.
  2. Click the name of the identity pool. The Overview page displays.

List identity pools for mTLS

Get a list of the identity pools for mTLS.

To see a list of your identity pools for mTLS:

  1. In the Confluent Cloud Console, go to Account & access, then click Workload identities. Alternatively, click https://confluent.cloud/settings/org/workload-identities.
  2. Click the name of the identity provider you want to see the identity pools for. The Certificate Authority details page displays.

For the list of identity pools, see the Identity pools section. The list of identity pools includes the following details:

  • Name
  • Pool ID
  • Description

To see the details of a specific identity pool, click the name of the identity pool. The identity pool details page displays.

Update an identity pool for mTLS

Update the details of an identity pool for mTLS, such as the provider, description, name, filter, and external identifier.

To update the details of an identity pool for mTLS:

  1. Click the name of the identity pool. The Overview page displays.

    The Overview page provides details of the identity pool.

  2. Edit any of the fields for the identity pool. Click Edit existing access to alter the assigned permissions.

  3. Click Save to complete any changes and return to the specific Certificate Authority page.

Delete an identity pool for mTLS

Delete an identity pool for mTLS.

To delete an identity pool for mTLS:

  1. In the Confluent Cloud Console, go to Account & access, then click Workload identities. Alternatively, click https://confluent.cloud/settings/org/workload-identities.
  2. Click the name of the identity provider you want to delete the identity pool for. The Certificate Authority details page displays.
  3. Hover over the name of the identity pool you want to delete and click the trash icon to delete the identity pool.

The identity pool is deleted.