Security

    All concepts described in this section are compatible with Kafka and its client libraries and CLIs. This section does not cover ways you can protect your Redpanda cluster externally; for example, through network ACLs or private networks.
  • Configure Authentication

    Redpanda supports multiple forms of authentication including SASL/SCRAM, mTLS with principal mapping, and basic authentication.

  • Configure Authorization

    ACLs are the main mechanism supported by Redpanda to manage user permissions.

  • Configure Kafka TLS Encryption

    Enable encryption with TLS or mTLS.

  • Configure Listeners

    Use listeners to advertise the location of the broker, so other brokers in the cluster can be found.

  • Redpanda Console Security

    Security topics specific to Redpanda Console.

  • IAM Roles

    For self-hosted clusters deployed on a public cloud platform, cloud provider IAM roles provide a safer alternative to the less secure static credential system, which is based on access keys.