Kafkadevops~30 mins

Why securing Kafka protects data - See It in Action

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Why securing Kafka protects data

📖 Scenario: You work at a company that uses Kafka to send messages between different parts of your system. You want to make sure that only the right people and programs can send or read messages. This helps keep the data safe and private.

🎯 Goal: You will create a simple Kafka configuration that shows how to secure Kafka by setting up authentication and authorization. This will protect the data from being accessed by unauthorized users.

📋 What You'll Learn

Create a Kafka server properties file with security settings

Add a configuration variable for enabling SASL authentication

Write the main Kafka server configuration to require authentication and authorization

Print the final Kafka server properties to verify the security settings

💡 Why This Matters

🌍 Real World

Securing Kafka servers helps companies keep their message data safe from hackers and unauthorized users. It protects sensitive information and ensures only trusted programs can send or receive messages.

💼 Career

Many jobs in data engineering and system administration require setting up and maintaining secure Kafka clusters. Understanding Kafka security basics is important for these roles.

Progress0 / 4 steps

Create Kafka server properties with basic settings

Create a dictionary called kafka_properties with these exact entries: 'broker.id': '1', 'log.dirs': '/tmp/kafka-logs', and 'zookeeper.connect': 'localhost:2181'.

Kafka

# Your code here

Need a hint?

Think of kafka_properties as a list of settings for your Kafka server. You need to add the broker ID, where logs are stored, and how to connect to Zookeeper.

Add SASL authentication setting

Add a new entry to kafka_properties with key 'sasl.enabled.mechanisms' and value 'PLAIN'.

Kafka

kafka_properties = {
    'broker.id': '1',
    'log.dirs': '/tmp/kafka-logs',
    'zookeeper.connect': 'localhost:2181'
}
# Add SASL authentication setting below
# Your code here

Need a hint?

SASL is a way to check who is connecting. Setting 'sasl.enabled.mechanisms' to 'PLAIN' means Kafka will use simple username and password checks.

Configure Kafka to require authentication and authorization

Add these exact entries to kafka_properties: 'authorizer.class.name': 'kafka.security.auth.SimpleAclAuthorizer' and 'allow.everyone.if.no.acl.found': 'false'.

Kafka

kafka_properties = {
    'broker.id': '1',
    'log.dirs': '/tmp/kafka-logs',
    'zookeeper.connect': 'localhost:2181',
    'sasl.enabled.mechanisms': 'PLAIN'
}
# Add authorization settings below
# Your code here

Need a hint?

Authorization controls who can do what. Setting 'authorizer.class.name' tells Kafka to check permissions. Setting 'allow.everyone.if.no.acl.found' to false means no one can access without permission.

Print the Kafka server properties to verify security settings

Write print(kafka_properties) to display the final Kafka server properties dictionary.

Kafka

kafka_properties = {
    'broker.id': '1',
    'log.dirs': '/tmp/kafka-logs',
    'zookeeper.connect': 'localhost:2181',
    'sasl.enabled.mechanisms': 'PLAIN',
    'authorizer.class.name': 'kafka.security.auth.SimpleAclAuthorizer',
    'allow.everyone.if.no.acl.found': 'false'
}
# Print the kafka_properties dictionary below
# Your code here

Need a hint?

Use print(kafka_properties) to see all the settings you added. This helps confirm your security setup.