Prerequisite Tasks

Before enabling security for a Kafka stage, complete the following prerequisite tasks for the security method that you want to use:

SSL/TLS

Complete the following prerequisite tasks before using SSL/TLS to connect to Kafka:

Before using SSL/TLS to connect to Kafka, make sure Kafka is configured for SSL/TLS as described in the Kafka documentation.
If configuring a Kafka YARN cluster pipeline, store the SSL truststore and keystore files in the same location on the Data Collector machine and on each node in the YARN cluster.

SASL with the PLAIN (username/password) mechanism

Complete the following prerequisite tasks before using SASL with the PLAIN mechanism to connect to Kafka:

Make sure Kafka is configured for SASL authentication with the PLAIN mechanism as described in the Kafka documentation.
Define the username and password credentials in a JAAS configuration file, as described in Providing PLAIN Credentials.
If configuring a Kafka YARN cluster pipeline, store the JAAS configuration file in the same locations on the Data Collector machine and on each node in the YARN cluster.

SASL with the GSSAPI (Kerberos) mechanism

Complete the following prerequisite tasks before using SASL with the GSSAPI (Kerberos) mechanism to connect to Kafka:

Make sure Kafka is configured for SASL authentication with the GSSAPI (Kerberos) mechanism as described in the Kafka documentation.
Make sure that Kerberos authentication is enabled for Data Collector, as described in Kerberos AuthenticationKerberos Authentication in the Data Collector documentation.
Determine how to provide the Kerberos credentials and complete the required tasks as described in Providing Kerberos Credentials.
If configuring a Kafka YARN cluster pipeline, store the JAAS configuration and Kafka keytab files in the same locations on the Data Collector machine and on each node in the YARN cluster.