FAQ for Confluent Cloud¶
This topic provides answers to general Confluent Cloud questions.
- What cloud providers are supported?
- What compliance standards does Confluent Cloud offer?
- What version of Kafka does Confluent Cloud use?
- How do I sign up for Confluent Cloud?
- How do I connect to Confluent Cloud?
- How do I grant user access to my cluster?
- Can I be auto-notified about failures or incidents?
- How is Confluent Cloud priced?
- Are you charged extra per message, topic, or partition?
- Can I do unlimited retention using log compacted topics with Confluent Cloud?
- Are there topic or partition limits?
- What client and protocol versions are supported?
- How do I change support plans?
- What specific security features does Confluent Cloud offer?
- What version of TLS is supported on Confluent Cloud?
- Is Kerberos supported on Confluent Cloud?
- Are Confluent Cloud IP addresses static?
- What are the recommended JVM settings?
- How does billing work for Confluent Cloud?
- Are there any restrictions on support plan purchases?
- What payment methods are supported for Confluent Cloud?
- When am I charged for using Confluent Cloud?
- What if I only use part of the month with Confluent Cloud?
- How do I change the email address used for billing on the Confluent Cloud cluster?
- Can I use the same email account for both Confluent Cloud Enterprise and Confluent Cloud?
- Can I put my Confluent Cloud account on hold?
- Where can I ask questions about my bill?
If you don’t see your region listed, contact Confluent. Additional regions can be supported by request.
- Amazon Web Services (AWS)
- ap-northeast-1 (Tokyo)
- ap-south-1 (Mumbai)
- ap-southeast-1 (Singapore)
- ap-southeast-2 (Sydney)
- ca-central-1 (Canada Central) 
- eu-central-1 (Frankfurt)
- eu-west-1 (Ireland)
- eu-west-2 (London)
- sa-east-1 (São Paulo)
- us-east-1 (N. Virginia)
- us-east-2 (Ohio)
- us-west-1 (N. California) 
- us-west-2 (Oregon)
- Azure (Microsoft Azure)
- australiaeast (New South Wales)
- centralus (Iowa)
- eastus (Virginia)
- eastus2 (Virginia)
- northeurope (Ireland)
- southeastasia (Singapore)
- uksouth (London)
- westus2 (Washington)
- westeurope (Netherlands)
- GCP (Google Cloud Platform)
- asia-east2 (Hong Kong)
- asia-northeast1 (Tokyo)
- asia-southeast1 (Singapore)
- australia-southeast1 (Sydney)
- europe-north1 (Finland)
- europe-west1 (Belgium)
- europe-west2 (London)
- europe-west3 (Frankfurt)
- europe-west4 (Netherlands)
- us-central1 (Iowa)
- us-east1 (S. Carolina)
- us-east4 (N. Virginia)
- us-west1 (Oregon)
- us-west2 (Los Angeles)
|||(1, 2) Region only supports single zone deployments of Confluent Cloud|
|Description||Confluent Cloud Dedicated||Confluent Cloud Standard|
|SOC 1, SOC 2, SOC 3||Yes||Yes|
Confluent Cloud runs the latest version of Confluent Platform, including all released and to-be-released updates.
- After a new version of Kafka is released, there is an expected lag before all Confluent Cloud clusters are updated with the latest.
- Not all current Confluent Platform features are available in Confluent Cloud. For more information, see Supported Features for Confluent Cloud.
Since Kafka version 0.10.0.0, clients and brokers provide backward compatibility so that they can fall back to older request types or throw appropriate errors if functionality is not available. This means that upgrades to Kafka clients do not require corresponding broker upgrades and upgrades to the Kafka version running in Confluent Cloud do not require corresponding version upgrades on the client side. However, it is strongly recommended that you keep all of your clients running on the latest version so that you get the best performance and can use the latest features. For more information, see Confluent Platform and Apache Kafka Compatibility.
Go to Settings -> Organization and click Invite.
Enter the person’s email and click Send Invite. They will receive an email inviting them to your Confluent Cloud instance.
Yes, you can view and subscribe to the Confluent Cloud status page.
Confluent Cloud Enterprise pricing is based on:
- Peak write throughput in MB per second
- Peak read throughput in MB per second
- Total Storage in GB
- Durability (e.g., one AWS Availability zone vs three AWS Availability zones)
Confluent Cloud pricing is based on:
- Data written to Confluent Cloud, measured in GB per hour
- Data read from Confluent Cloud, measured in GB per hour
- Data stored in Confluent Cloud, measured in GB per month
- For Dedicated Clusters, peak throughput capacity for the cluster, measured in MBps per hour
No, there is no extra charge per message, topic, or partition.
Yes. You can set retention per topic in Confluent Cloud, including unlimited retention with log compaction. You are only limited by the amount of total storage for your cluster.
Yes, these are described in Supported Features for Confluent Cloud. If you try to create more partitions than you are allowed, you will see this error:
"You may not create more than the maximum number of partitions"
- Confluent Cloud is compatible with the Apache Kafka® client/protocol version 0.10.0.0 and later.
- Compatible clients must support and implement TLS/SSL encryption and SASL_PLAIN authentication. This is required to connect to Confluent Cloud.
- All client features since 0.10.0.0 are supported, including exactly-once delivery semantics.
You can manage your support plan from the Resources -> Support plans menu in the upper-right.
- All traffic over the wire requires TLS/SSL encryption and SASL_PLAIN authentication.
- All data is encrypted at rest on encrypted volumes.
- You are provided auth keys specific to your cluster which you can revoke or reissue if necessary.
- All data is stored on secure infrastructure, with access controls that are restricted to Confluent engineers, inside a Confluent controlled VPC.
- Confluent Cloud Enterprise is a private cluster product. Resources are allocated specifically to each cluster. There is no shared data from other customers in your cluster.
- VPC Peering (optional) provides network-level security for Confluent Cloud Enterprise customers and customers with Dedicated Clusters in Confluent Cloud.
TLS version 1.2 is supported.
Effective March 15, 2020, connections made by using TLS 1.0 and 1.1 are no longer supported. TLS 1.0 and 1.1 are legacy cryptographic protocols that do not support modern cryptographic algorithms. They contain security vulnerabilities that can be exploited by attackers. The Internet Engineering Task Force is planning to officially deprecate both protocols. The majority of encrypted internet traffic is now over TLS 1.2. TLS 1.2 has been the recommended version for IETF protocols since 2008.
No. Because the cloud infrastructure that is used by Confluent Cloud does not guarantee static IPs across cluster changes, DNS is used to provide a consistent address. The underlying IPs may be stable for some period of time, but are subject to change at any time, so they should not be relied upon for any use.
However, DNS for each cluster follows a predictable pattern. If your cluster bootstrap URL is
pkc-12345.<region>.<cloud>.<tld>, all broker endpoints will be of the format:
b0-pkc-12345.<region>.<cloud>.<tld>, b1-pkc-12345.<region>.<cloud>.<tld>, b2-pkc-12345.<region>.<cloud>.<tld>...
Here are the recommended JVM producer settings.
- JVM Security configuration
java.security.Security.setProperty(“networkaddress.cache.ttl” , “30"); java.security.Security.setProperty(“networkaddress.cache.negative.ttl” , “0");
- Kafka Producer and Consumer configuration
Billing for Confluent Cloud is done through a credit card. If you have a Confluent Cloud Enterprise subscription, the billing setup is customized for your enterprise.
If you make a usage commitment for Confluent Cloud, you may set up custom billing. For more information, contact the Confluent Cloud team.
Certain downgrade restrictions apply to support plan purchases. Your current support level will stay in effect until the end of the current calendar month. However, if you downgrade within the month of purchase, the current level will be maintained until the end of the next full calendar month.
Confluent Cloud only supports using a credit card for payment, unless you make a usage commitment. With Confluent Cloud Enterprise or usage commitments for Confluent Cloud, you can use a purchase order and other methods of payment.
Pricing for Confluent Cloud Standard clusters is based on a consumption-based model. You only pay for the data you write, store, and read from the cluster. There is no hourly or other provisioning cost for a Standard cluster. The monthly charge is calculated as the price per unit of usage multiplied by the total units consumed in the calendar month. For example, if write throughput was priced at $.10 per GB, and you write 500 GB of data to the cluster from January 1st to 31st, you would pay $50, plus storage and read usage charges. The credit card is charged after the end of each calendar month.
To stop incurring charges after a cluster is provisioned, you can do either of the following:
- Delete the cluster.
- Stop all producer and consumer clients and delete all stored data.
If you provision a Dedicated Confluent Cloud cluster, you are also be charged hourly for the capacity of the cluster, in addition to the data that you write, store, and read from the cluster. For more information, contact the Confluent Cloud team.
You only pay for what you stream.
To change the invoice email address, contact the Confluent Cloud team. Your monthly invoice will be emailed to the email address that was provided initially during sign up for Confluent Cloud. The invoice can only be sent to a single email address.
No, an email account can only be in one organization at a time. If you are switching from Confluent Cloud to Confluent Cloud Enterprise
or changing organizations, Confluent can move you to a different organization. If your email provider supports tagging
with a plus sign (
+), then you can register a new account using your existing email address with a different tag.
For example, if you have an existing Confluent Cloud account using
firstname.lastname@example.org then you could register a
Confluent Cloud Enterprise account with this syntax:
No, but you can transfer your data from Confluent Cloud before deleting your cluster. For more information, see Connecting Kafka Connect to Confluent Cloud.