# Security

> For the complete documentation index, see [llms.txt](https://docs.redpanda.com/llms.txt). Component-specific: [streaming-full.txt](https://docs.redpanda.com/streaming-full.txt)

---
title: Security
latest-redpanda-tag: v25.1.1
latest-console-tag: v3.7.3
latest-operator-version: v26.1.4
# EOL = End-of-Life (support lifecycle status)
page-is-nearing-eol: "false"
page-is-past-eol: "true"
page-eol-date: April 7, 2026
latest-connect-version: 4.93.0
docname: security/index
page-component-name: streaming
page-version: "25.1"
page-component-version: "25.1"
page-component-title: Streaming
page-relative-src-path: security/index.adoc
page-edit-url: https://github.com/redpanda-data/docs/edit/v/25.1/modules/manage/pages/security/index.adoc
description: Learn how to configure authentication, authorization, encryption, listeners, and other security features.
page-git-created-date: "2023-06-02"
page-git-modified-date: "2024-02-26"
support-status: past end-of-life
---

<!-- Source: https://docs.redpanda.com/streaming/25.1/manage/security.md -->

> 📝 **NOTE**
>
> All concepts described in this section are compatible with Kafka and its client libraries and CLIs. This section does not cover ways you can protect your Redpanda cluster externally; for example, through network ACLs or private networks.

-   [Configure Authentication](authentication/)

    Redpanda supports multiple forms of authentication including SASL/SCRAM, mTLS with principal mapping, and basic authentication.

-   [Redpanda Authorization Mechanisms](authorization/)

    Redpanda provides two mechanisms for controlling user permissions.

-   [Configure Redpanda for FIPS](fips-compliance/)

    Configure Redpanda to operate in FIPS compliance mode.

-   [Configure Kafka TLS Encryption](encryption/)

    Enable encryption with TLS or mTLS.

-   [Configure Listeners](listener-configuration/)

    Use listeners to advertise the location of the broker, so other brokers in the cluster can be found.

-   [IAM Roles](iam-roles/)

    For Redpanda Streaming clusters deployed on a public cloud platform, cloud provider IAM roles and managed identities provide a safer alternative to the less secure static credential system, which is based on access keys.