# The Kafka Operations Platform Automate, control, and scale Kafka operations across every team. One Kafka Proxy. One Console. [Get Your Kafka Platform Scorecard](https://www.conduktor.io/kafka-assessment) [Install Now](https://www.conduktor.io/get-started) [Conduktor Console](#console) [Conduktor Gateway](#gateway) Trusted by ## From Topics to Data Products Your company already streams data. But raw topics don't ship products. Developers need velocity, platform teams need rules, and both need to scale together. Conduktor is the [Kafka governance platform](https://www.conduktor.io/kafka-data-governance) that lets them. **That's what Console and Conduktor Gateway are built for.** [Conduktor ConsoleVisibility. Ownership. Autonomy.Our Kafka UI and API that allows developers and platform teams to scale together. Resource ownership, usage, observability, policy enforcement, automation, and access management in one interface.Learn more →](https://www.conduktor.io/console) [Conduktor GatewayRoute. Protect. Transform.More than a proxy. Our Kafka gateway solves wire-level issues such as data quality, security, failover, and sharing by getting in between your clients and Kafka.Learn more →](https://www.conduktor.io/gateway) ## How It All Fits Together Console and Conduktor Gateway work side by side, giving developers velocity and platform teams control across any Kafka provider and infrastructure. ![Conduktor architecture overview](https://www.conduktor.io/assets/images/architecture-overview.png) [See full architecture →](https://www.conduktor.io/architecture#architecture) ## Conduktor Console ### Multi-cluster Kafka UI Enterprise UI to manage hundreds of clusters. Topics, schemas, connectors, producers, and consumers across Confluent, AWS MSK, Redpanda, or self-managed. ### Browse & Debug Messages Browse, filter, and replay messages in real-time. Troubleshoot and auto-decode Avro, Protobuf, and JSON Schema. ### Monitoring & Alerts Track hot topics, fan-out, dead streams, and consumer lag. Alerts to Slack, PagerDuty, Prometheus, and webhooks. ### Security & Compliance SSO (OIDC-based and LDAP), granular RBAC, role-based access, PII masking, and audit trails. ### Health & Cost Insights Health optimization for partitions, replication, naming, and configs. Cost attribution, data quality, and team accountability. ### Terraform, API & GitOps Terraform provider, REST API, GitOps workflows, and CI/CD integration. ```terraform terraform { required_providers { conduktor = { source = "conduktor/conduktor" version = "~> 1.0" } } } provider "conduktor" { console_url = "http://localhost:8080" api_token = var.conduktor_api_token } resource "conduktor_group" "project_a" { name = "project-a" display_name = "Project A" permissions { resource_type = "TOPIC" name = "project-a-*" pattern_type = "PREFIXED" permissions = ["topicConsume", "topicProduce"] } } ``` ## Conduktor Gateway ### Routing & Authentication Centralize identity with OIDC across all clusters. Route clients transparently without changing application code. ```yaml # Gateway Configuration gateway: environment: GATEWAY_SECURITY_MODE: GATEWAY_MANAGED GATEWAY_SECURITY_PROTOCOL: SASL_PLAINTEXT GATEWAY_OAUTH_JWKS_URL: "https://your-idp.com/.well-known/jwks.json" GATEWAY_OAUTH_EXPECTED_ISSUER: "https://your-idp.com" # Map OIDC identities to Service Accounts apiVersion: gateway/v2 kind: GatewayServiceAccount metadata: name: my-application spec: type: EXTERNAL externalNames: - "oauth-subject-id-from-token" ``` ### Resilience & Migration Switch clusters, failover traffic, and inject chaos—all at the proxy layer. Zero client changes required. ```yaml # Gateway cluster configuration config: main: bootstrap.servers: kafka-primary:9092 security.protocol: SASL_SSL sasl.mechanism: PLAIN failover: bootstrap.servers: kafka-secondary:9092 gateway.roles: failover # Switch from main → failover curl -X POST 'http://localhost:8888/gateway/v2/cluster-switching' \ -H 'Content-Type: application/json' \ -d '{"fromPhysicalCluster": "main", "toPhysicalCluster": "failover"}' ``` ### Multi-tenancy Virtual clusters, topic concentration, and aliasing. Isolate teams and workloads on shared infrastructure. ```yaml apiVersion: gateway/v2 kind: VirtualCluster metadata: name: payments-team spec: type: Standard aclEnabled: true superUsers: - payments-admin --- apiVersion: gateway/v2 kind: VirtualCluster metadata: name: orders-team spec: type: Standard aclEnabled: true superUsers: - orders-admin ``` ### Performance SQL queries on topics, message caching, and large payload offloading. Handle load without over-provisioning. ```yaml apiVersion: gateway/v2 kind: Interceptor metadata: name: sql-filter-adults spec: pluginClass: io.conduktor.gateway.interceptor.VirtualSqlTopicPlugin priority: 100 config: virtualTopic: customers-adult statement: | SELECT firstName, lastName, email FROM customers WHERE age >= 18 AND country = 'US' ``` ### Governance & Data Quality Config guardrails, rate limiting, and schema validation. Enforce standards before bad data hits Kafka. ### Security & Data Sharing Field-level encryption, key management, and partner tenants. Protect data while enabling controlled access. ```yaml apiVersion: gateway/v2 kind: Interceptor metadata: name: encrypt-pii-fields spec: pluginClass: io.conduktor.gateway.interceptor.EncryptPlugin priority: 100 config: topic: "customers.*" schemaRegistryConfig: host: http://schema-registry:8081 kmsConfig: vault: uri: http://vault:8200 token: ${VAULT_TOKEN} recordValue: fields: - fieldName: ssn keySecretId: vault-kms://vault:8200/transit/keys/pii-key algorithm: AES256_GCM - fieldName: email keySecretId: vault-kms://vault:8200/transit/keys/email-key algorithm: AES256_GCM ``` ## Join the Conduktor Community Connect with your fellow Kafka practitioners. [Join Slack →](https://join.slack.com/t/conduktor-community/shared_invite/zt-3pxrkbgs1-owxEhCQ7j82OeC43rgTH_A) "With Conduktor, it's so much easier for developers, analysts, and testers to get a handle on the data they need. It's been a game changer for efficiency and adoption." **Scot McPhee**Platform Engineer, Virgin Australia "With the same team, we managed to support this expansion and scalability—Conduktor plays one of the biggest roles in that. It helps us do a lot of things automatically." **Anke Raich**Swiss Post "Conduktor easily integrated with our CI/CD pipelines to enhance data governance. It's given us the tools to centralize compliance standards while allowing team-specific autonomy." **Taras Slipets**Staff Data Engineer, FlixBus "Once we discovered Conduktor, our lives became a whole lot easier. It becomes your go-to tool and Kafka becomes available to everyone, not just those with Kafka experience." **Rea Maor**CTO & Co-founder, OpenTag "Conduktor gave us time back. Developers can now help themselves, and our team can focus on governance instead of daily firefighting." **Anke Raich**Swiss Post "Being able to share data seamlessly and collaborate across teams without friction has saved countless hours. It's improved the quality of questions and insights we receive." **Scot McPhee**Platform Engineer, Virgin Australia "With Conduktor, it's so much easier for developers, analysts, and testers to get a handle on the data they need. It's been a game changer for efficiency and adoption." **Scot McPhee**Platform Engineer, Virgin Australia "With the same team, we managed to support this expansion and scalability—Conduktor plays one of the biggest roles in that. It helps us do a lot of things automatically." **Anke Raich**Swiss Post "Conduktor easily integrated with our CI/CD pipelines to enhance data governance. It's given us the tools to centralize compliance standards while allowing team-specific autonomy." **Taras Slipets**Staff Data Engineer, FlixBus "Once we discovered Conduktor, our lives became a whole lot easier. It becomes your go-to tool and Kafka becomes available to everyone, not just those with Kafka experience." **Rea Maor**CTO & Co-founder, OpenTag "Conduktor gave us time back. Developers can now help themselves, and our team can focus on governance instead of daily firefighting." **Anke Raich**Swiss Post "Being able to share data seamlessly and collaborate across teams without friction has saved countless hours. It's improved the quality of questions and insights we receive." **Scot McPhee**Platform Engineer, Virgin Australia ## Explore How Conduktor Helps Your Industry ### Financial Services Bitvavo achieved DORA, MiCA, and GDPR compliance for 1.5M+ users with Conduktor's RBAC, data masking, and audit trails. [See how →](https://www.conduktor.io/customer-stories/bitvavo-ensures-compliance-dora-mica) ### Transport & Logistics Swiss Post scaled Kafka to 800+ users and 5x more applications with governance, RBAC, and self-service. [See how →](https://www.conduktor.io/customer-stories/how-swiss-post-governs-democratizes-kafka-usage) ### Agriculture & IoT 10x Kafka utilization and 70% faster provisioning with Conduktor and Amazon MSK for IoT smart farming. [See how →](https://www.conduktor.io/customer-stories/accelerating-smart-farming-innovation-with-conduktor-and-amazon-msk) # Ready to simplify your Kafka operations? Book a demo to see Conduktor in action, or get started free today. [Book a Demo](https://www.conduktor.io/contact/demo) [Install Now](https://www.conduktor.io/get-started)