Security
- Configuring Encryption
You can encrypt data with TLS or mTLS.
- Configuring Authentication
Redpanda supports multiple forms of authentication including SASL/SCRAM, basic authentication, and mTLS with principal mapping.
- Configuring Authorization
ACLs are the main mechanism supported by Redpanda to manage user permissions.
- IAM Roles
For self-hosted clusters deployed on a public cloud platform, cloud provider IAM roles provide a safer alternative to the less secure static credential system, which is based on access keys.
- Security on Kubernetes
- Configuring TLS on Kubernetes
Encrypt with Transport Layer Security (TLS) on Kubernetes.
- Configuring Redpanda SASL on Kubernetes
Configuring Redpanda SASL on Kubernetes.
Redpanda recommends that you always configure encryption, authentication, and authorization for production environments.
| All concepts described in this section are compatible with Kafka and its client libraries and CLIs. This section does not cover ways you can protect your Redpanda cluster externally; for example, through network ACLs or private networks. |
Was this helpful?