Important

You are viewing documentation for an older version of Confluent Platform. For the latest, click here.

Confluent Control Center Security

Configuring security for Control Center requires planning and needs to be done carefully. Because Control Center relies on Kafka Connect, Apache Kafka® brokers, Kafka Streams, interceptors, and metrics reporters to work properly, there are numerous options that should be set depending on a particular environment or requirement.

Confluent recommends reviewing Kafka Security and the associated components before configuring security for Control Center.

Important

After a component is secured, it will be unable to communicate with other non-secured components. For instance, if you have a secured Kafka broker and a secured Control Center, but you have not secured Connect, Control Center will behave sporadically when you attempt to use it. Be sure to secure all components in your environment.

• Configuring SSL
  • Kafka Brokers
  • Control Center Kafka Streams
  • Connect
    • Configuring Connect Worker Interceptors with SSL
    • Configuring Control Center to communicate with Connect over HTTPS
  • ksqlDB
  • Schema Registry
• Control Center Configuring SASL
  • ZooKeeper
  • Kafka Broker
  • Control Center Configuration
  • Schema Registry Configuration
  • Connect Configuration
• Control Center UI Authentication
  • UI HTTPS
• Configuring Control Center to work with Kafka ACLs
• Configuring Control Center with LDAP authentication
  • Escaping special characters
  • Configure Control Center JAAS
  • Start Control Center
  • Configure LdapLoginModule
• Configure RBAC for Control Center
  • Prerequisites
    • Recommended Confluent Platform RBAC reading
  • Limitations
  • Control Center resource access by role
    • About alerts access
  • Configure RBAC for Control Center
  • Set RBAC configuration options in the Control Center properties file
  • Add a role binding for the Control Center user
  • Role privileges
    • Topic management privileges by role in Control Center
    • Topic role binding examples
    • Connector privileges by role in Control Center
    • Connector role binding examples
    • Add a connector in Control Center fields considerations
    • ksqlDB privileges by role in Control Center
    • ksqlDB role binding example
  • Known issues with RBAC in Control Center
    • Control Center connections to external clusters
    • Control Center service principal role
    • Control Center deprecated views
    • Connect and ksqlDB clusters user access
  • Troubleshoot RBAC in Control Center
  • Disable RBAC
• Manage and view RBAC roles in Control Center
  • Log in to Control Center when RBAC enabled
  • Manage RBAC roles with Control Center
    • Prerequisites
    • Role permissions required for managing roles
      • Roles page
      • Manage Role Assignments page
    • Add a role assignment
      • Add role assignment form
        • Fields
      • Add a role assignment (cluster scope)
      • Add a role assignment (resource scope)
    • Delete a role assignment
      • Delete a role assignment (cluster or resource)
    • Troubleshoot role assignments
  • View your RBAC roles in Control Center
    • Roles page
    • View My Role Assignments