Confluent Keys

Description

General

• Documentation: https://docs.confluent.io/cloud/current/client-apps/api-keys.html

• Summary: The Confluent REST Proxy provides a RESTful interface to an Apache Kafka® cluster, making it easy to produce and consume messages, view the state of the cluster, and perform administrative actions without using the native Kafka protocol or clients. This detector finds basic authentication credentials used to make requests.

• IPs allowlist: As of the time of writing this documentation, this feature is not yet supported.

• Scopes: Keys can be assigned to certain roles by creating different users with different access rights on the clusters.

Revoke the secret

See configuration files.

Check for suspicious activity

To check for suspicious activity, logs need to be enabled. See the documentation.

Details for Confluent api keys

• Family: Api

• Category: Collaboration tool

• Company: Confluent

• High recall: False

• Validity check available: True

• On-premise instances exist: True

• Only valid secrets raise an alert: True

• Minimum number of matches: 2

• Occurrences found for one million commits: 0.05

• Prefixed: False

• PreValidators:

- type: FilenameBanlistPreValidator
  banlist_extensions: []
  banlist_filenames: []
  check_binaries: false
  include_default_banlist_extensions: true
  ban_markup: false
- type: ContentWhitelistPreValidator
  patterns:
    - confluent
    - ccloud
    - cpdev
    - kafka

Examples

- text: confluent
    +# basic.auth.user.info=06R3WYFUIW1DVO4U:M8m6yxc2AFX8p4IQe8Lf5H+GXmYkGrTSke/B8kCkFqDEk1w62XKDSCCds5RXGVXR
  client_id: 06R3WYFUIW1DVO4U
  client_secret: M8m6yxc2AFX8p4IQe8Lf5H+GXmYkGrTSke/B8kCkFqDEk1w62XKDSCCds5RXGVXR
- text: confluent +# basic.auth.user.info=06R3WYFUIW1DVO4U:M8m6yxc2AFX8p4IQe8Lf5H+GXmYkGrTSke/B8kCkFqDEk1w62XKDSCCds5RXGVXR
  client_id: 06R3WYFUIW1DVO4U
  client_secret: M8m6yxc2AFX8p4IQe8Lf5H+GXmYkGrTSke/B8kCkFqDEk1w62XKDSCCds5RXGVXR