This is an automated email from the ASF dual-hosted git repository.
mimaison pushed a commit to branch 4.2
in repository https://gitbox.apache.org/repos/asf/kafka.git
The following commit(s) were added to refs/heads/4.2 by this push:
new f5e7474d776 MINOR: Add Security section to Connect docs (#21056)
f5e7474d776 is described below
commit f5e7474d776619cd0e6deb044b4b68cd8e8c903f
Author: Mickael Maison <[email protected]>
AuthorDate: Wed Dec 3 12:32:57 2025 +0100
MINOR: Add Security section to Connect docs (#21056)
This adds a short Security section to the Connect docs that briefly
highlights the security concerns unique to Kafka Connect.
Reviewers: Chris Egerton <[email protected]>
---
docs/connect.html | 4 ++++
docs/toc.html | 1 +
2 files changed, 5 insertions(+)
diff --git a/docs/connect.html b/docs/connect.html
index 85571bf115c..847f55bd398 100644
--- a/docs/connect.html
+++ b/docs/connect.html
@@ -591,6 +591,10 @@ com.example.MySinkConnector</code></pre>
<p>You should then verify that your manifests are correct by using the <a
href="#connect_plugindiscovery_compatibility">verification steps</a> with a
pre-release artifact. If the verification succeeds, you can then release the
plugin normally, and operators can upgrade to the compatible version.</p>
+ <h4><a id="connect_security" href="#connect_security">Security</a></h4>
+
+ <p>It's important to understand the security concerns inherent to Connect.
First, Connect allows running custom plugins. These plugins can run arbitrary
code, so you must trust them before installing them in your Connect clusters.
By default, the REST API is unsecured and allows anyone that can access it to
start and stop connectors. You should only directly expose the REST API to
trusted users, otherwise it's easy to gain arbitrary code execution on Connect
workers. By default, conn [...]
+
<h3><a id="connect_development" href="#connect_development">8.3 Connector
Development Guide</a></h3>
<p>This guide describes how developers can write new connectors for Kafka
Connect to move data between Kafka and other systems. It briefly reviews a few
key concepts and then describes how to create a simple connector.</p>
diff --git a/docs/toc.html b/docs/toc.html
index 7fecf21fae1..881c6ac695f 100644
--- a/docs/toc.html
+++ b/docs/toc.html
@@ -210,6 +210,7 @@
<li><a href="#connect_errorreporting">Error Reporting
in Connect</a>
<li><a href="#connect_exactlyonce">Exactly-once
support</a>
<li><a href="#connect_plugindiscovery">Plugin
Discovery</a>
+ <li><a href="#connect_security">Security</a>
</ul>
<li><a href="#connect_development">8.3 Connector Development
Guide</a>
