Skip to main content

Confluent Keys

Description#

General#

  • Documentation: https://docs.confluent.io/cloud/current/client-apps/api-keys.html

  • Summary: The Confluent REST Proxy provides a RESTful interface to an Apache Kafka® cluster, making it easy to produce and consume messages, view the state of the cluster, and perform administrative actions without using the native Kafka protocol or clients. This detector finds basic authentication credentials used to make requests.

  • IPs allowlist: As of the time of writing this documentation, this feature is not yet supported.

  • Scopes: Keys can be assigned to certain roles by creating different users with different access rights on the clusters.

Revoke the secret#

See configuration files.

Check for suspicious activity#

To check for suspicious activity, logs need to be enabled. See the documentation.

Details for Confluent api keys#

  • Family: Api

  • Category: Collaboration tool

  • Company: Confluent

  • High recall: False

  • Validity check available: True

  • On-premise instances exist: True

  • Only valid secrets raise an alert: True

  • Minimum number of matches: 2

  • Occurrences found for one million commits: 0.07

  • Prefixed: False

  • PreValidators:

- type: FilenameBanlistPreValidator  banlist_extensions: []  banlist_filenames: []  check_binaries: false  include_default_banlist_extensions: true  ban_markup: false- type: ContentWhitelistPreValidator  patterns:  - confluent  - ccloud  - cpdev  - kafka

Examples#

- text: confluent    +# basic.auth.user.info=06R3HSEUIQ1DVO7U:M8m6yxc2AFX8p4IQe8Lf5H+GXmYkGrTSke/J8oCkFqDMs1w65XKASDCdq0RHGVSR  client_id: 06R3HSEUIQ1DVO7U  client_secret: M8m6yxc2AFX8p4IQe8Lf5H+GXmYkGrTSke/J8oCkFqDMs1w65XKASDCdq0RHGVSR- text: confluent +# basic.auth.user.info=06R3HSEUIQ1DVO7U:M8m6yxc2AFX8p4IQe8Lf5H+GXmYkGrTSke/J8oCkFqDMs1w65XKASDCdq0RHGVSR  client_id: 06R3HSEUIQ1DVO7U  client_secret: M8m6yxc2AFX8p4IQe8Lf5H+GXmYkGrTSke/J8oCkFqDMs1w65XKASDCdq0RHGVSR  filename: some_file.md