Manage Security on Confluent Cloud¶
Confluent Cloud provides comprehensive security features to protect your data and resources. This section covers the key areas of managing security on Confluent Cloud, including authentication, access control, data encryption, and activity monitoring.
Manage authentication¶
Authentication ensures that only authorized users and applications can access your Confluent Cloud resources. This includes managing user accounts, service accounts, API keys, and integrating with identity providers for Single Sign-On (SSO), OAuth/OIDC, and mTLS.
Control access to Confluent Cloud resources¶
Use authorization mechanisms, such as Role-Based Access Control (RBAC) and Access Control Lists (ACLs), to control access to Confluent Cloud resources. This ensures only authorized entities can access specific resources and perform certain actions.
Encrypt and protect data¶
Data encryption protects your data at rest and data in motion (or data in transit), to help ensure that your data is protected. Confluent Cloud supports various encryption methods, including self-managed encryption keys (BYOK) for your Dedicated Kafka clusters and client-side field-level encryption (CSFLE) to protect your most sensitive data.
Monitor activity¶
Monitoring activity involves tracking and auditing access and actions performed on your Confluent Cloud resources. This helps you detect and respond to potential security incidents and ensure compliance with security policies.