Apache Kafka Series - Kafka Security | SSL SASL Kerberos ACL

Name: Apache Kafka Series - Kafka Security | SSL SASL Kerberos ACL
Rating: 4.6 (1532 reviews)

Hands-On Course - Kafka Security Setup in AWS with SSL Encryption & Authentication, SASL Kerberos, ACL in Zookeeper

14,698 students

Created by Stephane Maarek | AWS Certified Cloud Practitioner,Solutions Architect,Developer, Gerd Koenig, Conduktor Kafkademy

Last updated 6/2023

English

English [Auto], Simplified Chinese [Auto]

What you'll learn

Setup and use SSL encryption in Kafka
Setup and use SSL authentication in Kafka
Setup and use SASL Kerberos authentication in Kafka
Create and use ACLs in Kafka
Configure Kafka Clients to make them work with security
Configure Zookeeper Security

Requirements

Knowledge of Kafka + Setup is necessary
Knowledge of Linux is necessary
Mac / Linux computer or Windows 10 computer with Ubuntu Bash installed
No prior knowledge of SSL, SASL, Kerberos is required
Prior knowledge of AWS is preferred

Description

If you've struggled setting up Kafka Security, or can't make sense of the documentation, this course is for you

First of all, an insecure cluster is a big problem:

anyone can read / write to any topic, and this can lead to bad data or data leak
you don't know who is connected to your cluster
data isn't encrypted in flight and could be intercepted by hackers

In this course, you'll learn Kafka Security, with Encryption (SSL), Authentication (SSL & SASL), and Authorization (ACL).

Over 1800 students and 160 reviews later, we're convinced this course can save you a lot of time.

----------------------------

Kafka Security is important for the following reasons:

Encryption (SSL) for Apache Kafka

> Ensure data is securely transported from machine to machine
> Prevent MIDM (man-in-the-middle attacks) on your Kafka Cluster
> No more PLAINTEXT data going around in your network

Authentication (SSL & SASL) for Apache Kafka

> Ensure only clients with credentials can access your clusters
> Give each of your clients a user-id, therefore enabling the possibility of controlling their access using ACL

Authorization (ACL) for Apache Kafka

> Ensure the clients can only read / write topics based on administrator rules
> Ensure clients cannot create / delete topics
> Provide the audit team the guarantee that the cluster is secure

Hands On & Theory Based Course

Note: This course only deals with SSL for encryption & Authentication and SASL Kerberos, not other mechanisms. It also does provide an overview to enable security in a multi-broker setup, but that last part is left for the student to investigate and practice.

This course is the first and only available Kafka Security Course on the web. Get it now to become an Apache Kafka expert!

Section outline:

Course Introduction: Let's learn why we need Security in Apache Kafka
Kafka Setup: Quickly setup Kafka in AWS EC2 and test it, as a pre-requisite to setting up security on it
SSL Encryption in Kafka: Setup a Certificate Authority and create certificates for your Kafka broker and Kafka client
SSL Authentication in Kafka: Learn how to force clients to authenticate using SSL to connect to your Kafka Cluster
SASL Authentication - Kerberos GSSAPI in Kafka: Setup Kerberos on an EC2 machine and create credentials for Kafka and Clients.
Authorization in Kafka: Learn how to enforce ACLs in Kafka and use the CLI to authorize clients.
Zookeeper Security: Learn how to secure Zookeeper using Kerberos

===============================

Instructor

My name is Stephane Maarek, and I'll be your instructor in this course. I teach about Apache Kafka, the Kafka ecosystem and Kafka Certifications with my focus always on helping my students improve their professional proficiencies. I am also the co-founder of Conduktor: an enterprise Apache Kafka platform & UI to help everyone use Kafka.

Throughout my career in designing and delivering these certifications and courses, I have already taught 1,000,000+ students and gotten 350,000+ reviews!

Gerd Koenig is one of the instructors of this course. He is an Apache Kafka Expert, and has done countless of production deployments and security setup at many of his clients. He will be taking the leads on all the Hands-On Lecture.

With Apache Kafka becoming much more than a buzzword out there, I've decided it's time for students to properly learn how to be a Kafka professional. So, let’s kick start the course! You are in good hands!

===============================

This Course Also Comes With:

Lifetime Access to All Future Updates
A responsive instructor in the Q&A Section
Links to interesting articles, and lots of good code to base your next applications onto
Udemy Certificate of Completion Ready for Download

This is the course that could improve your career!

Apache Kafka is a skill in high demand and there are not enough people to fulfill all the open positions. You can boost your income, take on new roles and fun challenges. Many of my students are now the Kafka experts of their companies! You can be the next!

I hope to see you inside the course!

=======================

Note: Looking for more advanced Kafka concepts? There are many volumes in the Apache Kafka Series:

Learn Kafka for Beginners v2 (great to start)
Kafka Connect Hands-On Learning
Kafka Streams for Data Processing
KSQL on ksqlDB - Hands On!
Kafka Cluster Setup & Administration
Confluent Schema Registry & Kafka REST Proxy
Kafka Security (SSL SASL ACL)
Kafka Monitoring and Operations

Happy learning!

Who this course is for:

Administrators who want to start setting up Kafka Security
Developers who want to learn which security settings to use in their programs
Solution Architects who want to learn how Kafka Security works

Featured review

John H.

157 courses

5 reviews

3 years ago

For a beginner to Kafka security, this course is a good start. A lot of information is given. Kerberos setup is explained in detail( authentication authorization etc...), SSL part is neglected especially using SSL authorization while securing Zookeeper. For a project that is improving and evolving as fast as Apache Kafka a little bit outdated, I know this is not easy to manage.

Stephane Maarek | AWS Certified Cloud Practitioner,Solutions Architect,Developer

Best Selling Instructor, 10x AWS Certified, Kafka Guru

4.7 Instructor Rating
617,651 Reviews
2,010,092 Students
49 Courses

Stephane is a solutions architect, consultant and software developer that has a particular interest in all things related to Big Data, Cloud & API. He's also a many-times best seller instructor on Udemy for his courses in AWS and Apache Kafka.

[See FAQ below to see in which order you can take my courses]

Stéphane is recognized as an AWS Hero and is an AWS Certified Solutions Architect Professional & AWS Certified DevOps Professional. He loves to teach people how to use the AWS properly, to get them ready for their AWS certifications, and most importantly for the real world.

He also loves Apache Kafka. He sits on the 2019 Program Committee organizing the Kafka Summit in New York, London and San Francisco. He is also an active member of the Apache Kafka community, authoring blogs on Medium and a guest blog for Confluent.

During his spare time he enjoys cooking, practicing yoga, surfing, watching TV shows, and traveling to awesome destinations!

FAQ: In which order should you learn?...

AWS Cloud: Start with AWS Certified Solutions Architect Associate, then move on to AWS Certified Developer Associate and then AWS Certified SysOps Administrator. Afterwards you can either do AWS Certified Solutions Architect Professional or AWS Certified DevOps Professional, or a specialty certification of your choosing.

Apache Kafka: Start with Apache Kafka for Beginners, then you can learn Connect, Streams and Schema Registry if you're a developer, and Setup and Monitoring courses if you're an admin. Both tracks are needed to pass the Confluent Kafka certification.

Gerd Koenig

DevOps/Kafka/BigData/K8s/Cloud Practitioner

4.6 Instructor Rating
1,532 Reviews
14,698 Students
1 Course

=><=
Experienced in setting up and operating Kafka-, Hadoop-Clusters on both on-premise and Cloud, "enterprise-ready" incl. Security .

Cloud architectures and ops

Community oriented and a CNCF enthusiast of all things Containers & its orchestration. K8s and tooling around

=><=
several years of consulting experience in BigData throughout various businesses and lots of production deployments. Doing architecture/planning/setup and maintenance of Container-Orchestrations as well as many kind of Clusters, Kafka and/or many tools from Hadoop distributions HDP / HDF / CDH.

Securing Hadoop Clusters by Kerberos Authentication, Authorization, Encryption, ...

Conduktor Kafkademy

Apache Kafka enterprise platform to empower your teams

4.6 Instructor Rating
60,720 Reviews
226,760 Students
10 Courses

Conduktor is an Apache Kafka enterprise platform that helps your team be more efficient and faster at using Apache Kafka.

Conduktor Platform allows developers use Apache Kafka with confidence. The Apache Kafka UI is adapted for all Kafka clusters and has features for the entire Apache Kafka ecosystem, including Confluent, Kafka Connect and Kafka Streams!

Conduktor was founded by Stéphane Maarek, the best-selling instructor on Apache Kafka here on Udemy.