Security

    All concepts described in this section are compatible with Kafka and its client libraries and CLIs. This section does not cover ways you can protect your Redpanda cluster externally; for example, through network ACLs or private networks.
  • Configure Authentication

    Redpanda supports multiple forms of authentication including SASL/SCRAM, mTLS with principal mapping, and basic authentication.

  • Redpanda Authorization Mechanisms

    Redpanda provides two mechanisms for controlling user permissions.

  • Configure Redpanda for FIPS

    Configure Redpanda to operate in FIPS compliance mode.

  • Configure Kafka TLS Encryption

    Enable encryption with TLS or mTLS.

  • Configure Listeners

    Use listeners to advertise the location of the broker, so other brokers in the cluster can be found.

  • IAM Roles

    For Redpanda Self-Managed clusters deployed on a public cloud platform, cloud provider IAM roles and managed identities provide a safer alternative to the less secure static credential system, which is based on access keys.