Securing Apache Kafka
TLS
Step 1: Generate keys and certificates for Kafka brokers
Step 2: Create your own certificate authority
Step 3: Sign the certificate
Step 4: Configure Kafka brokers
Step 5: Configure Kafka clients
Configure Zookeeper TLS/SSL support for Kafka
Authentication
Kerberos authentication
Delegation token based authentication
Enable or disable authentication with delegation tokens
Manage individual delegation tokens
Rotate the master key/secret
Client authentication using delegation tokens
Configure clients on a producer or consumer level
Configure clients on an application level
Kafka security hardening with Zookeeper ACLs
Restrict access to Kafka metadata in Zookeeper
Unlock Kafka metadata in Zookeeper
LDAP authentication
Configure Kafka brokers
Configure Kafka clients
PAM Authentication
Configure Kafka brokers
Configure Kafka clients
Authorization
Ranger
Enable authorization in Kafka with Ranger
Configure the resource-based Ranger service used for authorization
Using Kafka's inter-broker security