Reputation: 25
Kafka cluster security for IOT
I am new to the Kafka and want to deploy Kafka Production cluster for IOT. We will be receiving messages from Raspberry Pi over the internet to our Kafka cluster which we will be hosting on AWS.
Now the concern, since we need to open the KAFKA PORT to the outer internet we are opening a way to system threat as it will compromise with the security by opening port to outer world.
Please let me know what can be done so that we can prevent malicious access using KAFKA port over the internet.
Pardon me if I am not clear with the question, do let me know if rephrasing of queation is needed.
Upvotes: 1
Views: 445
Answers (2)
Reputation: 8335
Consider using a REST Proxy in front of your Kafka brokers (such as the one from Confluent). Then you can secure your Kafka cluster just as you would secure any REST API exposed to the public internet. This architecture is proven in production for several very large IoT use cases.
Upvotes: 1
Reputation: 14523
There are two ways that are most effective for Kafka Security.
- Implement SSL Encryption for Kafka.
- Authentication using SASL
You can follow this guide. http://kafka.apache.org/documentation.html#security_sasl
Upvotes: 1
Related Questions
- Kafka 0.9.1 authorization
- Securing access to REST API of Kafka Connect
- How to setup Kafka Security and listeners in dynamic environment?
- Apache Kafka : Can be used to push data to IoT devices?
- kafka machines in the cluster and kafka communications
- ACLs for cluster resource in kafka
- Doubts Regarding Kafka Cluster Setup
- Kafka cluster setup
- spark kafka security kerberos
- Protect Kafka against flood