Kafka Security Configuration#
FastStream Kafka Security#
This chapter discusses the security options available in FastStream and how to use them.
FastStream allows you to enhance the security of applications by using security objects when creating brokers. These security objects encapsulate security-related configurations and mechanisms. Security objects supported in FastStream are (More are planned in the future such as SASL OAuth):
1. BaseSecurity Object#
BaseSecurity object wraps
ssl.SSLContext object and is used to enable SSL/TLS encryption for secure communication between FastStream services and external components such as message brokers.
2. SASLPlaintext Object with SSL/TLS#
SASLPlaintext object is used for authentication in SASL (Simple Authentication and Security Layer) plaintext mode. It allows you to provide a username and password for authentication.
Using any SASL authentication without SSL:
The following example should raise a RuntimeException:
If the user does not want to use SSL encryption, they must explicitly set the
use_ssl parameter to
False when creating a SASL object.
3. SASLScram256/512 Object with SSL/TLS#
SASLScram512 objects are used for authentication using the Salted Challenge Response Authentication Mechanism (SCRAM).