Security
- Configuring Encryption
You can encrypt data with TLS or mTLS.
- Configuring Authentication
Redpanda supports multiple forms of authentication including SASL/SCRAM, basic authentication, and mTLS with principal mapping.
- Configuring Authorization
ACLs are the main mechanism supported by Redpanda to manage user permissions.
- IAM Roles
For self-hosted clusters deployed on a public cloud platform, cloud provider IAM roles provide a safer alternative to the less secure static credential system, which is based on access keys.
- Security on Kubernetes
- Configuring TLS on Kubernetes
Encrypt with Transport Layer Security (TLS) on Kubernetes.
- Configuring Redpanda SASL on Kubernetes
Configuring Redpanda SASL on Kubernetes.
Redpanda recommends that you always configure encryption, authentication, and authorization for production environments.
All concepts described in this section are compatible with Kafka and its client libraries and CLIs. This section does not cover ways you can protect your Redpanda cluster externally; for example, through network ACLs or private networks. |
Was this helpful?