Configuration Reference for HTTP Sink Connector for Confluent Platform

To use this connector, specify the name of the connector class in the connector.class configuration property.

connector.class=io.confluent.connect.http.HttpSinkConnector

Connector-specific configuration properties are described below. For a list of properties common to all sink connectors, including the topics configuration parameter, see the Kafka Connect Sink Connector Configuration Properties documentation page.

Note

These are properties for the self-managed connector. If you are using Confluent Cloud, see HTTP Sink Connector for Confluent Cloud.

Connection

http.api.url

The HTTP API URL.

  • Type: string

  • Importance: high

request.method

The HTTP request method.

  • Type: string

  • Default: POST

  • Valid Values: POST, PUT, or PATCH

  • Importance: high

behavior.on.null.values

How to handle records with a non-null key and a null value (that is, Kafka tombstone records). Valid options are ignore, delete, log and fail.

fail Throws a NullRecordException and will be handled as per behavior.on.error configuration.

log Logs the record coordinates and key.

ignore Continues to process next set of records. when records with null value encountered.

delete Deletes the record by executing delete http request when records with null value encountered.

  • Type: string

  • Default: ignore

  • Valid Values: one of [fail, log, ignore, delete]

  • Importance: low

behavior.on.error

Error handling behavior setting for handling response from HTTP requests. Must be configured to one of the following:

fail Stops the connector when an error occurs.

ignore Continues to process next set of records. when error occurs.

log Logs the error message to application logs when error occurs and continues to process next set of records.

  • Type: string

  • Default: fail

  • Valid Values: one of [fail, log, ignore]

  • Importance: low

report.errors.as

Dictates the content of records produced to the error topic. If set to error_string, the value would be a human readable string describing the failure. The value will include some or all of the following information if available:

  • HTTP response code

  • Reason phrase

  • Submitted payload

  • URL

  • Response content

  • Exception and error message

If set to http_response, the value would be the plain response content for the request which failed to write the record. In both modes, any information about the failure will also be included in the error records headers.

  • Type: string

  • Importance: medium

headers

HTTP headers to be included in all requests. Individual headers should be separated by the header.separator.

Example:

"headers":"Content-Type:application/json|Accept:application/json"

  • Type: string

  • Default: “”

  • Importance: high

Note that the connector does not allow the following headers:

  • accept-charset

  • accept-encoding

  • access-control-request-headers

  • access-control-request-method

  • connection

  • content-length

  • cookie

  • cookie2

  • date

  • dnt

  • expect

  • feature-policy

  • host

  • keep-alive

  • origin

  • referer

  • te

  • trailer

  • trailer-encoding

  • upgrade

  • via

The connector also does not allow the following header prefixes:

  • proxy-

  • sec

  • x-forwarded-

header.separator

Separator character used in headers property.

  • Type: string

  • Default: |

  • Importance: high

http.connect.timeout.ms

Time to wait for a connection to be established.

  • Type: int

  • Default: 30000

  • Importance: medium

http.request.timeout.ms

Time to wait for a request response to arrive.

  • Type: int

  • Default: 30000

  • Importance: medium

http.proxy.host

The host or IP address of the HTTP proxy.

  • Type: string

  • Default: “”

  • Importance: high

http.proxy.port

The port number of the HTTP proxy.

  • Type: int

  • Default: 0

  • Valid Values: [0,…]

  • Importance: high

http.proxy.user

The username to be used when authenticating with the HTTP proxy.

  • Type: string

  • Default: “”

  • Importance: high

http.proxy.password

The password to be used when authenticating with the HTTP proxy.

  • Type: password

  • Default: [hidden]

  • Importance: high

deletes.send.in.order

A flag denoting whether delete requests for tombstone records should be sent in order. By default, the connector sends a delete request immediately after it encounters a tombstone record, while non-tombstone records are batched and sent only when the batch is full. To override this default behavior and send tombstone records in order before processing the next set of records, set deletes.send.in.order to true. Setting this property to true ensures all tombstone and non-tombstone records are sent in order. Note that this configuration property is supported in versions 1.7.5 and later.

  • Type: boolean

  • Default: false

  • Importance: low

Connect Reporter

For more information about Reporter, see Connect Reporter.

reporter.result.topic.name

The name of the topic to produce records to after successfully processing a sink record. Use ${connector} within the pattern to specify the current connector name. Leave blank to disable error reporting behavior.

  • Type: string

  • Default: ${connector}-success

  • Valid Values: Replacing ${connector} must be either Valid topic names that contain 1-249 ASCII alphanumeric, +, ., _ and - characters.

  • Importance: medium

reporter.result.topic.replication.factor

The replication factor of the result topic when it is automatically created by this connector. This determines how many broker failures can be tolerated before data loss occurs. This should be 1 in development environments and ALWAYS at least 3 in production environments.

  • Type: short

  • Default: 3

  • Valid Values: [1,…]

  • Importance: medium

reporter.result.topic.partitions

The number of partitions in the result topic when it is automatically created by this connector. This number of partitions should be the same as the number of input partitions to handle the potential throughput.

  • Type: int

  • Default: 1

  • Valid Values: [1,…]

  • Importance: medium

reporter.error.topic.name

The name of the topic to produce records to after each unsuccessful record sink attempt. Use ${connector} within the pattern to specify the current connector name. Leave blank to disable error reporting behavior.

  • Type: string

  • Default: ${connector}-error

  • Valid Values: Replacing ${connector} must be either Valid topic names that contain 1-249 ASCII alphanumeric, +, ., _ and - characters.

  • Importance: medium

reporter.error.topic.replication.factor

The replication factor of the error topic when it is automatically created by this connector. This determines how many broker failures can be tolerated before data loss occurs. This should be 1 in development environments and ALWAYS at least 3 in production environments.

  • Type: short

  • Default: 3

  • Valid Values: [1,…]

  • Importance: medium

reporter.error.topic.partitions

The number of partitions in the error topic when it is automatically created by this connector. This number of partitions should be the same as the number of input partitions in order to handle the potential throughput.

  • Type: int

  • Default: 1

  • Valid Values: [1,…]

  • Importance: medium

reporter.bootstrap.servers

A list of host/port pairs to use for establishing the initial connection to the Kafka cluster. The client will make use of all servers regardless of which bootstrap servers are specified here. This list only impacts the initial hosts used to discover the full set of servers. This list should be in the form host1:port1,host2:port2,.. Since these servers are just used for the initial connection to discover the full cluster membership (which may change dynamically), this list does not need to contain the full set of servers. However, you may want to include more than one in case a server is down.

  • Type: list

  • Valid Values: Non-empty list

  • Importance: high

Formatter

reporter.result.topic.key.format

The format in which the result report key is serialized.

  • Type: string

  • Default: json

  • Valid Values: one of [string, json]

  • Importance: medium

  • Dependents: reporter.result.topic.key.format.schemas.enable, reporter.result.topic.key.format.schemas.cache.size

reporter.result.topic.value.format

The format in which the result report value is serialized.

  • Type: string

  • Default: json

  • Valid Values: one of [string, json]

  • Importance: medium

  • Dependents: reporter.result.topic.value.format.schemas.cache.size, reporter.result.topic.value.format.schemas.enable

reporter.error.topic.key.format

The format in which the error report key is serialized.

  • Type: string

  • Default: json

  • Valid Values: one of [string, json]

  • Importance: medium

  • Dependents: reporter.error.topic.key.format.schemas.cache.size, reporter.error.topic.key.format.schemas.enable

reporter.error.topic.value.format

The format in which the error report value is serialized.

  • Type: string

  • Default: json

  • Valid Values: one of [string, json]

  • Importance: medium

  • Dependents: reporter.error.topic.value.format.schemas.cache.size, reporter.error.topic.value.format.schemas.enable

JSON Formatter

reporter.result.topic.key.format.schemas.cache.size

The maximum number of schemas that can be cached in the JSON formatter.

  • Type: int

  • Default: 128

  • Valid Values: [0,…,2048]

  • Importance: medium

reporter.result.topic.key.format.schemas.enable

Include schemas within each of the serialized values and keys.

  • Type: boolean

  • Default: false

  • Importance: medium

reporter.result.topic.value.format.schemas.cache.size

The maximum number of schemas that can be cached in the JSON formatter.

  • Type: int

  • Default: 128

  • Valid Values: [0,…,2048]

  • Importance: medium

reporter.result.topic.value.format.schemas.enable

Include schemas within each of the serialized values and keys.

  • Type: boolean

  • Default: false

  • Importance: medium

reporter.error.topic.key.format.schemas.cache.size

The maximum number of schemas that can be cached in the JSON formatter.

  • Type: int

  • Default: 128

  • Valid Values: [0,…,2048]

  • Importance: medium

reporter.error.topic.key.format.schemas.enable

Include schemas within each of the serialized values and keys.

  • Type: boolean

  • Default: false

  • Importance: medium

reporter.error.topic.value.format.schemas.cache.size

The maximum number of schemas that can be cached in the JSON formatter.

  • Type: int

  • Default: 128

  • Valid Values: [0,…,2048]

  • Importance: medium

reporter.error.topic.value.format.schemas.enable

Include schemas within each of the serialized values and keys.

  • Type: boolean

  • Default: false

  • Importance: medium

Authorization

auth.type

Authentication type of the endpoint. Valid values are NONE, BASIC, OAUTH2 (Client Credentials grant type only).

  • Type: string

  • Default: NONE

  • Importance: high

connection.user

The username to be used with an endpoint requiring authentication.

  • Type: string

  • Default: “”

  • Importance: high

connection.password

The password to be used with an endpoint requiring authentication.

  • Type: password

  • Default: [hidden]

  • Importance: high

oauth2.token.url

The URL to be used for fetching OAuth2 token. Client Credentials is the only supported grant type.

  • Type: string

  • Default: “”

  • Importance: high

oauth2.client.id

The client id used when fetching OAuth2 token.

  • Type: string

  • Default: “”

  • Importance: high

oauth2.client.secret

The secret used when fetching OAuth2 token.

  • Type: password

  • Default: [hidden]

  • Importance: high

oauth2.token.property

The name of the property containing the OAuth2 token returned by the http proxy. Default value is access_token.

  • Type: string

  • Default: access_token

  • Importance: high

oauth2.client.auth.mode

Specifies how to encode client_id and client_secret in the OAuth2 authorization request. If set to ‘header’, the credentials are encoded as an 'Authorization: Basic <base-64 encoded client_id:client_secret>' HTTP header. If set to ‘url’, then client_id and client_secret are sent in body as URL encoded parameters.

  • Type: string

  • Default: header

  • Valid Values: one of [header, url]

  • Importance: low

oauth2.client.scope

The scope used when fetching OAuth2 token. The default value is any. You can set this property to the desired value. If you don’t want any to be passed to the endpoint, you can set the value to an empty string.

  • Type: string

  • Default: any

  • Importance: low

oauth2.client.headers

The HTTP headers to include in each request to the OAuth 2 client endpoint. You should separate individual headers using the oauth2.client.header.separator property. Note that if you add the Content-Type header, the connector will override the value with application/x-www-form-urlencoded.

  • Type: string

  • Default: “”

  • Importance: low

oauth2.client.header.separator

The separator character used in the oauth2.client.headers configuration property.

  • Type: string

  • Default: |

  • Importance: low

oauth2.jwt.enabled

Whether to generate and add a JSON Web Token (JWT) token to a request. If set to true, the JWT token will be added as a jwt_token request parameter. Note that you must set oauth2.client.auth.mode to url for this property to work.

  • Type: boolean

  • Default: false

  • Importance: medium

oauth2.jwt.keystore.path

The path to the keystore containing the key to use to generate a JWT.

  • Type: string

  • Default: “”

  • Importance: medium

oauth2.jwt.keystore.password

The password to use to access the JWT keystore.

  • Type: password

  • Default: “”

  • Importance: medium

oauth2.jwt.keystore.type

The JWT keystore type. You can set the keystore type to JKS or PKCS12.

  • Type: string

  • Default: JKS

  • Importance: medium

oauth2.jwt.claimset

A JSON string containing JWT claims. Note that the issued at time (iat) will be set by connector to the JWT creation time–current time–and expiry (exp) will be set to 5 minutes from time of issue. Additionally, the connector will set jti to a random string. Any values you set for these fields will be overridden by connector.

  • Type: string

  • Default: “”

  • Importance: medium

oauth2.jwt.signature.algorithm

The algorithm to use for signing claims.

  • Type: string

  • Default: rs256

  • Valid values: rs256

  • Importance: low

Retries

max.retries

The maximum number of times to retry on errors before failing the task.

  • Type: int

  • Default: 5

  • Valid Values: [1,…]

  • Importance: medium

retry.backoff.ms

The initial duration in milliseconds to wait following an error before a retry attempt is made. Subsequent backoffs will be exponentially larger than the first duration. Note that retry.backoff.ms is the initial backoff before retrying. After that, the connector will retry using exponential jitter. For more details about exponential jitter, see Better Retries with Exponential Backoff and Jitter.

  • Type: int

  • Default: 3000

  • Valid Values: [1,…]

  • Importance: medium

retry.on.status.codes

The HTTP error codes to retry on. Comma-separated list of codes or range of codes to retry on. Ranges are specified with start and optional end code. Range boundaries are inclusive. For instance, 400- includes all codes greater than or equal to 400. 400-500 includes codes from 400 to 500, including 500. Multiple ranges and single codes can be specified together to achieve fine-grained control over retry behavior. For example, 404,408,500- will retry on 404 NOT FOUND, 408 REQUEST TIMEOUT, and all 5xx error codes.

  • Type: string

  • Default: 400-

  • Importance: medium

Regex

regex.patterns

Regular expression patterns used for replacements in the message sent to the HTTP service. Multiple regular expression patterns can be specified, but they must be separated by regex.separator. Only used when request.body.format is set to string.

  • Type: string

  • Default: “”

  • Importance: low

regex.replacements

Regex replacements to use with the patterns in regex.patterns. Multiple replacements can be specified, but they must be separated by regex.separator. ${key} and ${topic} can be used here. Only used when request.body.format is set to string.

  • Type: string

  • Default: “”

  • Importance: low

regex.separator

Separator character used in regex.patterns and regex.replacements property. Only used when request.body.format is set to string.

  • Type: string

  • Default: ~

  • Importance: high

Batching

request.body.format

Used to produce request body in either JSON or String format.

  • Type: string

  • Default: string

  • Valid Values: one of [string, json]

  • Importance: medium

batch.key.pattern

Pattern used to build the key for a given batch. ${key} and ${topic} can be used to include message attributes here.

  • Type: string

  • Default: someKey

  • Importance: high

batch.max.size

The number of records accumulated in a batch before the HTTP API is invoked. Note that batching is disabled if you use template parameters other than $key and $topic.

  • Type: int

  • Default: 1

  • Importance: high

batch.prefix

The prefix added to record batches. This is applied once at the beginning of the batch of records.

  • Type: string

  • Default: “”

  • Importance: high

batch.suffix

The suffix added to record batches. This is applied once at the end of the batch of records.

  • Type: string

  • Default: “”

  • Importance: high

batch.separator

Separator for records in a batch. Only used when request.body.format is set to string.

  • Type: string

  • Default: ,

  • Importance: high

batch.json.as.array

Whether or not to use an array to bundle json records. Only used when request.body.format is set to json. This can be disabled only when batch.max.size is set to 1.

  • Type: boolean

  • Default: true

  • Importance: high

Security

https.ssl.key.password

The password of the private key in the key store file. This is optional for client.

  • Type: password

  • Default: null

  • Importance: high

https.ssl.keystore.location

The location of the key store file. This is optional for client and can be used for two-way authentication for client.

  • Type: string

  • Default: null

  • Importance: high

https.ssl.keystore.password

The store password for the key store file. This is optional for a client and is only needed if ssl.keystore.location is configured.

  • Type: password

  • Default: null

  • Importance: high

https.ssl.truststore.location

The location of the trust store file.

  • Type: string

  • Default: null

  • Importance: high

https.ssl.truststore.password

The password for the trust store file. If a password is not set, access to the truststore is still available, but integrity checking is disabled.

  • Type: password

  • Default: null

  • Importance: high

https.ssl.enabled.protocols

The list of protocols enabled for SSL connections.

  • Type: list

  • Default: TLSv1.2,TLSv1.1,TLSv1

  • Importance: medium

https.ssl.keystore.type

The file format of the key store file. This is optional for client.

  • Type: string

  • Default: JKS

  • Importance: medium

https.ssl.protocol

The SSL protocol used to generate the SSLContext. Default setting is TLS, which is fine for most cases. Allowed values in recent JVMs are TLS, TLSv1.1 and TLSv1.2. SSL, SSLv2 and SSLv3 may be supported in older JVMs, but their usage is discouraged due to known security vulnerabilities.

  • Type: string

  • Default: TLS

  • Importance: medium

https.ssl.provider

The name of the security provider used for SSL connections. Default value is the default security provider of the JVM.

  • Type: string

  • Default: null

  • Importance: medium

https.ssl.truststore.type

The file format of the trust store file.

  • Type: string

  • Default: JKS

  • Importance: medium

https.ssl.cipher.suites

A list of cipher suites. This is a named combination of authentication, encryption, MAC and key exchange algorithm used to negotiate the security settings for a network connection using TLS or SSL network protocol. By default all the available cipher suites are supported.

  • Type: list

  • Default: null

  • Importance: low

https.ssl.endpoint.identification.algorithm

The endpoint identification algorithm to validate server hostname using server certificate. Disable server hostname verification by setting https.ssl.endpoint.identification.algorithm to an empty string.

  • Type: string

  • Default: https

  • Importance: low

https.ssl.keymanager.algorithm

The algorithm used by key manager factory for SSL connections. Default value is the key manager factory algorithm configured for the Java Virtual Machine.

  • Type: string

  • Default: SunX509

  • Importance: low

https.ssl.secure.random.implementation

The SecureRandom PRNG implementation to use for SSL cryptography operations.

  • Type: string

  • Default: null

  • Importance: low

https.ssl.trustmanager.algorithm

The algorithm used by trust manager factory for SSL connections. Default value is the trust manager factory algorithm configured for the Java Virtual Machine.

  • Type: string

  • Default: SunX509

  • Importance: low

CSFLE configuration

csfle.enabled

Accepts a boolean value. CSFLE is enabled for the connector if csfle.enabled is set to True.

  • Type: boolean

  • Default: False

auto.register.schemas

Specifies if the Serializer should attempt to register the Schema with Schema Registry.

  • Type: boolean

  • Default: true

  • Importance: medium

use.latest.version

Only applies when auto.register.schemas is set to false. If auto.register.schemas is set to false and use.latest.version is set to true, then instead of deriving a schema for the object passed to the client for serialization, Schema Registry uses the latest version of the schema in the subject for serialization.

  • Type: boolean

  • Default: true

  • Importance: medium

Confluent Platform license

confluent.topic.bootstrap.servers A list of host/port pairs to use for establishing the initial connection to the Kafka cluster used for licensing. All servers in the cluster will be discovered from the initial connection. This list should be in the form <code>host1:port1,host2:port2,…</code>. Since these servers are just used for the initial connection to discover the full cluster membership (which may change dynamically), this list need not contain the full set of servers (you may want more than one, though, in case a server is down).

  • Type: list

  • Importance: high

confluent.topic Name of the Kafka topic used for Confluent Platform configuration, including licensing information.

  • Type: string

  • Default: _confluent-command

  • Importance: low

confluent.topic.replication.factor The replication factor for the Kafka topic used for Confluent Platform configuration, including licensing information. This is used only if the topic does not already exist, and the default of 3 is appropriate for production use. If you are using a development environment with less than 3 brokers, you must set this to the number of brokers (often 1).

  • Type: int

  • Default: 3

  • Importance: low

Confluent license properties

You can put license-related properties in the connector configuration, or starting with Confluent Platform version 6.0, you can put license-related properties in the Connect worker configuration instead of in each connector configuration.

This connector is proprietary and requires a license. The license information is stored in the _confluent-command topic. If the broker requires SSL for connections, you must include the security-related confluent.topic.* properties as described below.

confluent.license

Confluent issues enterprise license keys to each subscriber. The license key is text that you can copy and paste as the value for confluent.license. A trial license allows using the connector for a 30-day trial period. A developer license allows using the connector indefinitely for single-broker development environments.

If you are a subscriber, contact Confluent Support for more information.

  • Type: string

  • Default: “”

  • Valid Values: Confluent Platform license

  • Importance: high

confluent.topic.ssl.truststore.location

The location of the trust store file.

  • Type: string

  • Default: null

  • Importance: high

confluent.topic.ssl.truststore.password

The password for the trust store file. If a password is not set access to the truststore is still available, but integrity checking is disabled.

  • Type: password

  • Default: null

  • Importance: high

confluent.topic.ssl.keystore.location

The location of the key store file. This is optional for client and can be used for two-way authentication for client.

  • Type: string

  • Default: null

  • Importance: high

confluent.topic.ssl.keystore.password

The store password for the key store file. This is optional for client and only needed if ssl.keystore.location is configured.

  • Type: password

  • Default: null

  • Importance: high

confluent.topic.ssl.key.password

The password of the private key in the key store file. This is optional for client.

  • Type: password

  • Default: null

  • Importance: high

confluent.topic.security.protocol

Protocol used to communicate with brokers. Valid values are: PLAINTEXT, SSL, SASL_PLAINTEXT, SASL_SSL.

  • Type: string

  • Default: “PLAINTEXT”

  • Importance: medium

License topic configuration

A Confluent enterprise license is stored in the _confluent-command topic. This topic is created by default and contains the license that corresponds to the license key supplied through the confluent.license property. No public keys are stored in Kafka topics.

The following describes how the default _confluent-command topic is generated under different scenarios:

  • A 30-day trial license is automatically generated for the _confluent command topic if you do not add the confluent.license property or leave this property empty (for example, confluent.license=).

  • Adding a valid license key (for example, confluent.license=<valid-license-key>) adds a valid license in the _confluent-command topic.

Here is an example of the minimal properties for development and testing.

You can change the name of the _confluent-command topic using the confluent.topic property (for instance, if your environment has strict naming conventions). The example below shows this change and the configured Kafka bootstrap server.

confluent.topic=foo_confluent-command
confluent.topic.bootstrap.servers=localhost:9092

The example above shows the minimally required bootstrap server property that you can use for development and testing. For a production environment, you add the normal producer, consumer, and topic configuration properties to the connector properties, prefixed with confluent.topic..

License topic ACLs

The _confluent-command topic contains the license that corresponds to the license key supplied through the confluent.license property. It is created by default. Connectors that access this topic require the following ACLs configured:

  • CREATE and DESCRIBE on the resource cluster, if the connector needs to create the topic.

  • DESCRIBE, READ, and WRITE on the _confluent-command topic.

    Important

    You can also use DESCRIBE and READ without WRITE to restrict access to read-only for license topic ACLs. If a topic exists, the LicenseManager will not try to create the topic.

You can provide access either individually for each principal that will use the license or use a wildcard entry to allow all clients. The following examples show commands that you can use to configure ACLs for the resource cluster and _confluent-command topic.

  1. Set a CREATE and DESCRIBE ACL on the resource cluster:

    kafka-acls --bootstrap-server localhost:9092 --command-config adminclient-configs.conf \
--add --allow-principal User:<principal> \
--operation CREATE --operation DESCRIBE --cluster

  2. Set a DESCRIBE, READ, and WRITE ACL on the _confluent-command topic:

    kafka-acls --bootstrap-server localhost:9092 --command-config adminclient-configs.conf \
--add --allow-principal User:<principal> \
--operation DESCRIBE --operation READ --operation WRITE --topic _confluent-command

Override Default Configuration Properties

You can override the replication factor using confluent.topic.replication.factor. For example, when using a Kafka cluster as a destination with less than three brokers (for development and testing) you should set the confluent.topic.replication.factor property to 1.

You can override producer-specific properties by using the producer.override.* prefix (for source connectors) and consumer-specific properties by using the consumer.override.* prefix (for sink connectors).

You can use the defaults or customize the other properties as well. For example, the confluent.topic.client.id property defaults to the name of the connector with -licensing suffix. You can specify the configuration settings for brokers that require SSL or SASL for client connections using this prefix.

You cannot override the cleanup policy of a topic because the topic always has a single partition and is compacted. Also, do not specify serializers and deserializers using this prefix; they are ignored if added.