Security

Redpanda recommends that you always configure encryption, authentication, and authorization for production environments.

All concepts described in this section are compatible with Kafka and its client libraries and CLIs. This section does not cover ways you can protect your Redpanda cluster externally; for example, through network ACLs or private networks.

Configure Authentication
Enable and configure authentication. Different components of Redpanda support different authentication methods.
Configure Authorization
Configure access-control lists (ACLs) to enable fine-grained access to provisioned users.
Configure Kafka TLS Encryption
A security best practice is to enable encryption with TLS or mTLS.
Configure Listeners
Use listeners to advertise the location of the broker, so other brokers in the cluster can be found.
Redpanda Console Security
See security topics specific to Redpanda Console.
IAM Roles
For self-hosted clusters deployed on a public cloud platform, cloud provider IAM roles provide a safer alternative to the less secure static credential system, which is based on access keys.

Was this helpful?

Ask in the community

Share your feedback

Make a contribution

What do you like about this doc?

Let us know what we do well:

Let us contact you about your feedback:

What did you not like about this doc?

Let us know what we can improve:

Let us contact you about your feedback:

Security

Simple online edits

Contribution guide