Security Overview

GUI HTTPS

HTTPS is supported for web access to Confluent Control Center. For more details, check the configuration options.

Kafka

Standard Kafka authentication, authorization, and encryption options are available for control center and interceptors.

Authorization with Kafka ACLS

We have provided a script for creating the ACLs necessary for Confluent Control Center to operate on an authorized cluster. This script needs to be run before you start Confluent Control Center:

$ export KAFKA_OPTS="-Djava.security.auth.login.config=/path/to/kafka_jaas.conf"
$ bin/controlcenter-set-acls config/controlcenter.properties

You will also need to export a Confluent Control Center JAAS config before starting Confluent Control Center.

$ export CONTROL_CENTER_OPTS='-Djava.security.auth.login.config=/path/to/c3_jaas.conf'