Data masking
Last updated
Last updated
You can configure kafka-ui to mask sensitive data shown in Messages page.
Several masking policies supported:
For json objects - remove target fields, otherwise - return "null" string.
Apply examples:
For json objects - replace target field's values with specified replacement string (by default with ***DATA_MASKED***). Note: if target field's value is object, then replacement applied to all its fields recursively (see example).
Apply examples:
Mask target field's values with specified masking characters, recursively (spaces and line separators will be kept as-is). maskingCharsReplacement array specifies what symbols will be used to replace upper-case chars (index 0), lower-case chars (index 1), digits (index 2) and other symbols (index 3) correspondingly.
Apply examples:
For each policy, if fields not specified, then policy will be applied to all object's fields or whole string if it is not a json-object.
You can specify which masks will be applied to topic's keys/values. Multiple policies will be applied if topic matches both policy's patterns.
Yaml configuration example:
Same configuration in env-vars fashion: