Is there a better way to manage access to resources without compromising security? New employees need access to a variety of resources within a company's tech stack, but granting access manually is error-prone. And when employees leave, their access must be revoked, which introduces security risks if an admin misses one. In this podcast, Kris Jenkins talks to Anuj Sawani (Security Product Manager, Confluent) about the centralized identity management system he helped build to integrate with Apache Kafka® to prevent common identity management headaches and security risks.
With 12+ years of experience building cybersecurity products for enterprise companies, Anuj Sawani explains how he helped build out KIP-768 (Secured OAuth support in Kafka), which supports a unified identity mechanism spanning cloud and on-premises (hybrid) scenarios.
Confluent Cloud customers wanted a single identity to access all their services. The manual process required managing different sets of identity stores across the ecosystem. Anuj goes on to explain how Identity and Access Management (IAM) using cloud-native authentication protocols, such as OAuth or OpenID Connect, solves this problem by centralizing identity and minimizing security risks.
Anuj emphasizes that sticking with industry standards is key because it makes integrating with other systems easy. With OAuth now supported in Kafka, taking advantage of it means performing client upgrades, configuring identity providers, and so on, so that applications can leverage the new capabilities. One example is using centralized identities for client/broker connections.
As Anuj continues to build and enhance features, he hopes to recommend this unified solution to other technology vendors because it makes integration much easier. The goal is to create a web of connectors that support the same standards. The future is bright, as other organizations are looking into supporting OAuth and similar industry standards. Anuj is looking forward to seeing the approach evolve and to applying it to other use cases and scenarios.