Download as PDF, PPTX
Uploaded byDale Lane
Describing Kafka security in AsyncAPI
The document outlines Kafka security within the AsyncAPI framework, covering various protocols such as Kafka and Kafka-secure, alongside security mechanisms like encryption and authentication. It details the implementation of various security schemes, including plaintext, scram-sha-256, scram-sha-512, and OAuth2, along with Java properties configurations for each scheme. Additionally, the document provides resources and tools for working with AsyncAPI specifications.
More Related Content
![Vibe Coding vs. Spec-Driven Development [Free Meetup]](https://cdn.slidesharecdn.com/ss_thumbnails/vibecodingvsspecdrivendevelopment-251209105622-43f455e7-thumbnail.jpg?width=640&height=640&fit=bounds)
Describing Kafka security in AsyncAPI
- 1. Describing Kafka securityin AsyncAPI Dale Lane, IBM
- 2.
- 5. asyncapi: 2.2.0 info: title: MyKafka topic version: 1.0.0 servers: demo: url: mycluster.org:8092 protocol: kafka no encryption
- 6. asyncapi: 2.2.0 info: title: MyKafka topic version: 1.0.0 servers: demo: url: mycluster.org:8092 protocol: kafka no encryption
- 7. asyncapi: 2.2.0 info: title: MyKafka topic version: 1.0.0 servers: demo: url: mycluster.org:8092 protocol: kafka asyncapi: 2.2.0 info: title: My Kafka topic version: 1.0.0 servers: demo: url: mycluster.org:8092 protocol: kafka-secure no encryption encryption
- 8. asyncapi: 2.2.0 info: title: MyKafka topic version: 1.0.0 servers: demo: url: mycluster.org:8092 protocol: kafka asyncapi: 2.2.0 info: title: My Kafka topic version: 1.0.0 servers: demo: url: mycluster.org:8092 protocol: kafka-secure no encryption encryption
- 9. asyncapi: 2.2.0 info: title: MyKafka topic version: 1.0.0 servers: demo: url: mycluster.org:8092 protocol: kafka asyncapi: 2.2.0 info: title: My Kafka topic version: 1.0.0 servers: demo: url: mycluster.org:8092 protocol: kafka-secure no encryption encryption
- 11. asyncapi: 2.2.0 info: title: MyKafka topic version: 1.0.0 servers: demo: url: mycluster.org:8092 protocol: kafka no authentication
- 12. asyncapi: 2.2.0 info: title: MyKafka topic version: 1.0.0 servers: demo: url: mycluster.org:8092 protocol: kafka security: - mysecurity components: securitySchemes: mysecurity: type: <kafkaAuthType> authentication
- 13. asyncapi: 2.2.0 info: title: MyKafka topic version: 1.0.0 servers: demo: url: mycluster.org:8092 protocol: kafka security: - mysecurity components: securitySchemes: mysecurity: type: <kafkaAuthType> authentication
- 14. asyncapi: 2.2.0 info: title: MyKafka topic version: 1.0.0 servers: demo: url: mycluster.org:8092 protocol: kafka security: - mysecurity components: securitySchemes: mysecurity: type: <kafkaAuthType> authentication AsyncAPI security scheme types plain scramSha256 scramSha512 oauth2 gssapi X509
- 15. asyncapi: 2.2.0 info: title: MyKafka topic version: 1.0.0 servers: demo: url: mycluster.org:8092 protocol: kafka security: - mysecurity components: securitySchemes: mysecurity: type: plain authentication AsyncAPI security scheme types plain scramSha256 scramSha512 oauth2 gssapi X509
- 16. asyncapi: 2.2.0 info: title: MyKafka topic version: 1.0.0 servers: demo: url: mycluster.org:8092 protocol: kafka-secure security: - mysecurity components: securitySchemes: mysecurity: type: scramSha256 authentication AsyncAPI security scheme types plain scramSha256 scramSha512 oauth2 gssapi X509
- 17. asyncapi: 2.2.0 info: title: MyKafka topic version: 1.0.0 servers: demo: url: mycluster.org:8092 protocol: kafka security: - mysecurity components: securitySchemes: mysecurity: type: scramSha512 authentication AsyncAPI security scheme types plain scramSha256 scramSha512 oauth2 gssapi X509
- 20. asyncapi: 2.2.0 info: title: MyKafka topic version: 1.0.0 servers: demo: url: mycluster.org:8092 Properties Java
- 21. asyncapi: 2.2.0 info: title: MyKafka topic version: 1.0.0 servers: demo: url: mycluster.org:8092 protocol: kafka Properties Java
- 22. asyncapi: 2.2.0 info: title: MyKafka topic version: 1.0.0 servers: demo: url: mycluster.org:8092 protocol: kafka security.protocol: PLAINTEXT Properties Java
- 23. asyncapi: 2.2.0 info: title: MyKafka topic version: 1.0.0 servers: demo: url: mycluster.org:8092 protocol: kafka Properties props = new Properties(); props.put( CommonClientConfigs.BOOTSTRAP_SERVERS_CONFIG, "mycluster.org:8092"); props.put( CommonClientConfigs.SECURITY_PROTOCOL_CONFIG, "PLAINTEXT"); security.protocol: PLAINTEXT Properties Java
- 24. asyncapi: 2.2.0 info: title: MyKafka topic version: 1.0.0 servers: demo: url: mycluster.org:8092 protocol: kafka security: - mysecurity components: securitySchemes: mysecurity: type: scramSha256 Properties Java
- 25. asyncapi: 2.2.0 info: title: MyKafka topic version: 1.0.0 servers: demo: url: mycluster.org:8092 protocol: kafka security: - mysecurity components: securitySchemes: mysecurity: type: scramSha256 security.protocol: SASL_PLAINTEXT sasl.mechanism: SCRAM-SHA-256 Properties Java
- 26. asyncapi: 2.2.0 info: title: MyKafka topic version: 1.0.0 servers: demo: url: mycluster.org:8092 protocol: kafka security: - mysecurity components: securitySchemes: mysecurity: type: scramSha256 Properties props = new Properties(); props.put( CommonClientConfigs.BOOTSTRAP_SERVERS_CONFIG, "mycluster.org:8092"); props.put( CommonClientConfigs.SECURITY_PROTOCOL_CONFIG, "SASL_PLAINTEXT"); props.put( SaslConfigs.SASL_MECHANISM, "SCRAM-SHA-256"); security.protocol: SASL_PLAINTEXT sasl.mechanism: SCRAM-SHA-256 Properties Java
- 27. asyncapi: 2.2.0 info: title: MyKafka topic version: 1.0.0 servers: demo: url: mycluster.org:8092 protocol: kafka-secure security: - mysecurity components: securitySchemes: mysecurity: type: scramSha512 Properties Java
- 28. asyncapi: 2.2.0 info: title: MyKafka topic version: 1.0.0 servers: demo: url: mycluster.org:8092 protocol: kafka-secure security: - mysecurity components: securitySchemes: mysecurity: type: scramSha512 security.protocol: SASL_SSL sasl.mechanism: SCRAM-SHA-512 Properties Java
- 29. asyncapi: 2.2.0 info: title: MyKafka topic version: 1.0.0 servers: demo: url: mycluster.org:8092 protocol: kafka-secure security: - mysecurity components: securitySchemes: mysecurity: type: scramSha512 Properties props = new Properties(); props.put( CommonClientConfigs.BOOTSTRAP_SERVERS_CONFIG, "mycluster.org:8092"); props.put( CommonClientConfigs.SECURITY_PROTOCOL_CONFIG, "SASL_SSL"); props.put( SaslConfigs.SASL_MECHANISM, "SCRAM-SHA-512"); security.protocol: SASL_SSL sasl.mechanism: SCRAM-SHA-512 Properties Java
- 30. asyncapi: 2.2.0 info: title: MyKafka topic version: 1.0.0 servers: demo: url: mycluster.org:8092 protocol: kafka security: - mysecurity components: securitySchemes: mysecurity: type: plain Properties Java
- 31. asyncapi: 2.2.0 info: title: MyKafka topic version: 1.0.0 servers: demo: url: mycluster.org:8092 protocol: kafka security: - mysecurity components: securitySchemes: mysecurity: type: plain Properties props = new Properties(); props.put( CommonClientConfigs.BOOTSTRAP_SERVERS_CONFIG, "mycluster.org:8092"); props.put( CommonClientConfigs.SECURITY_PROTOCOL_CONFIG, "SASL_PLAINTEXT"); props.put( SaslConfigs.SASL_MECHANISM, "PLAIN"); security.protocol: SASL_PLAINTEXT sasl.mechanism: PLAIN Properties Java
- 32. AsyncAPI server protocol AsyncAPI security schemetype Kafka sasl.mechanism Kafka security.protocol kafka PLAINTEXT kafka plain SASL_PLAINTEXT PLAIN kafka scramSha256 SASL_PLAINTEXT SCRAM-SHA-256 kafka scramSha512 SASL_PLAINTEXT SCRAM-SHA-512 kafka oauth2 SASL_PLAINTEXT OAUTHBEARER kafka gssapi SASL_PLAINTEXT GSSAPI kafka-secure SSL kafka-secure plain SASL_SSL PLAIN kafka-secure scramSha256 SASL_SSL SCRAM-SHA-256 kafka-secure scramSha512 SASL_SSL SCRAM-SHA-512 kafka-secure oauth2 SASL_SSL OAUTHBEARER kafka-secure gssapi SASL_SSL GSSAPI kafka-secure X509 SSL
- 33. Tools that understandthis: • AsyncAPI generator • @asyncapi/markdown-template • https://github.com/asyncapi/markdown-template • @asyncapi/html-template • https://github.com/asyncapi/asyncapi-react • @asyncapi/java-spring-template • https://github.com/asyncapi/java-spring-template • @asyncapi/java-template • https://github.com/IBM-messaging/mq-asyncapi-java-template • Node-RED AsyncAPI plugin • https://github.com/dalelane/node-red-contrib-plugin-asyncapi
- 34. Describing Kafka securityin AsyncAPI Dale Lane, IBM