1. Authentication in Kafka ensures that only clients that can prove their identity can connect to our Kafka cluster
2. This is a similar concept to a login (username / password)
3. Authentication in Kafka can take a few forms
4. SSL Authentication: clients authenticate to Kafka using SSL certificates
5. SASL Authentication:
- PLAIN: clients authenticate using username / password (weak - easy to set up)
- Kerberos: such as Microsoft Active Directory (strong - hard to set up)
- SCRAM: username / password (strong - medium to set up)
6. Once a client is authenticated, Kafka can verify its identity
7. It still needs to be combined with authorisation, so that Kafka knows that
- "User alice can view topic finance"
- "User bob cannot view topic trucks"
8. ACLs (Access Control Lists) have to be maintained by administrators, who also onboard new users
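How the alice / bob rules in points 7 and 8 are decided once the client is authenticated, as an added example (not Kafka's own code): a simplified Python model of the evaluation order used by Kafka's ACL authorizer, where super users pass, a matching Deny beats any Allow, and a topic with no ACLs is closed unless `allow.everyone.if.no.acl.found` is enabled. Assumptions: "view" is mapped to the `Read` operation, the ACL entries are constructed samples, and host restrictions, prefixed patterns and implied operations are left out.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Acl:
    principal: str   # "User:alice", or "User:*" for any authenticated user
    permission: str  # "Allow" or "Deny"
    operation: str   # "Read", "Write", ... or "All"
    topic: str       # literal topic name, or "*" for every topic


def _applies(acl, principal, operation):
    # An entry applies if it names this principal (or the wildcard)
    # and this operation (or "All").
    return (acl.principal in (principal, "User:*")
            and acl.operation in (operation, "All"))


def authorize(acls, principal, operation, topic,
              super_users=(), allow_if_no_acl=False):
    """Return True if the authenticated principal may run operation on topic."""
    if principal in super_users:
        return True
    # All ACLs attached to this topic, whoever they name.
    on_topic = [a for a in acls if a.topic in (topic, "*")]
    if not on_topic:
        # Models allow.everyone.if.no.acl.found (default: closed).
        return allow_if_no_acl
    matching = [a for a in on_topic if _applies(a, principal, operation)]
    if any(a.permission == "Deny" for a in matching):
        return False  # Deny always wins over Allow
    return any(a.permission == "Allow" for a in matching)


# Constructed sample ACLs mirroring the two rules quoted in the notes.
ACLS = [
    Acl("User:alice", "Allow", "Read", "finance"),
    Acl("User:*", "Allow", "Read", "trucks"),
    Acl("User:bob", "Deny", "Read", "trucks"),
]

if __name__ == "__main__":
    for who, topic in [("User:alice", "finance"), ("User:bob", "trucks"),
                       ("User:alice", "trucks"), ("User:bob", "finance")]:
        print(who, "Read", topic, "->", authorize(ACLS, who, "Read", topic))
```

Note that bob is refused on `finance` without any Deny entry: once a topic has ACLs, anyone not explicitly allowed is rejected, which is why onboarding a new user means adding entries for them.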