Protect Data in Confluent Platform

Confluent Platform components by default are not configured to support data protection features, including encryption and log redaction. To protect your data, you must configure your Confluent Platform components to support data protection features. The following sections cover topics related to protecting the data in your Confluent Platform clusters.

Encrypt data in motion using TLS

• Encrypt TLS

Redact Confluent logs

• Redact Confluent Logs

In addition to the standard Kafka security support, you can store sensitive data (such as passwords, API tokens, and certificates) using secrets management available in Confluent Platform or using external secrets management tools.

To learn more about secrets management in Confluent Platform, see Secrets Management.