Your one-stop shop to learn about the most important recent updates within Confluent Cloud™.
Product Updates (published 5/27/2021)
Broker-Side Schema ID Validation now GA: Expanding upon data quality improvement features within Confluent Cloud, Broker-Side Schema ID Validation ensures brokers coordinate with Schema Registry before publishing messages to Kafka. Enabled at the topic-level, the feature verifies that the schema ID tied to an incoming message is both valid within Schema Registry and assigned to the destination topic (according to the subject naming strategy) in order to publish. Broker-Side Schema ID Validation is now available for all Dedicated clusters in Confluent Cloud.
Cluster Role-Based Access Control (RBAC) now GA: When running Kafka at scale, it’s important to restrict users to only the permissions required for their roles and responsibilities. With ACLs and service accounts, you’ve always been able to gate access to Kafka resources like topics. With Cluster Role-Based Access Control (RBAC), now generally available, you can easily set role-based permissions per user to gate management access to critical resources like production environments, sensitive clusters, and billing details. Roles available include OrganizationAdmin, EnvironmentAdmin, CloudClusterAdmin, and MetricsViewer. Visit documentation for more details.
Audit Logs now GA: Available within Standard and Dedicated clusters and enabled by default, Audit Logs provide an easy means of tracking user/application resource access activity in order to identify potential anomalies and bad actors. Kafka authentication and management authorization events are captured in a specific Kafka topic which you can consume in real time like any other Kafka topic and analyze/audit within your service of choice such as third-party tools like Splunk or Elastic. Retention is set to 7 days. Visit documentation for more details.
BYOK encryption for Google Cloud now in Preview: Bring Your Own Key (BYOK) provides you with the ability to encrypt data at rest with your own custom key and enables more control for access disabling, should the need ever arise. Generally available for AWS, BYOK encryption for Google Cloud is now available in Preview. We are working to bring this feature to Azure in the future.
MongoDB Atlas Source & Sinks connectors now GA: The MongoDB Atlas Source and Sink Connectors are now generally available. With just a few simple clicks, you can now link the power of Kafka together with MongoDB. These fully managed connectors eliminate the need for development and management of custom integrations and thereby reduce the overall operational burden of connecting data between the best-of-breed technologies.
ksqlDB 0.17.0 is live! We’re excited to announce that ksqlDB 0.17.0 has been released which adds support for managing the lifecycle of your queries from CI servers, a first-class timestamp data type, inline functions, extended expressivity for pull queries, materialization support for more kinds of data, and much more.