Enable Confluent and Kafka® clients to access the full functionality of your Confluent Cloud cluster even if they are running outside the cluster's AWS VPC network.
A private network deployment provides an extra layer of security for Confluent Cloud clusters. However, it also makes such clusters inaccessible over the internet. This holds back hybrid/multi-cloud setups and partner integration initiatives. By configuring Zilla Plus as public Kafka proxy and deploying it in front of a privately-networked cluster, your external clients can subscribe to and manage topics, publish messages, and run ksqlDB queries.
Allow external partners to subscribe to topics in your private Confluent Cloud cluster over a custom DNS domain. Enterprise-grade security is guaranteed through integrations with AWS Secrets Manager for public server certificates, ACM PCA for private client ones, and support for Confluent Cloud API keys used by external Kafka clients.
Zilla Plus relieves forklift efforts when migrating a Kafka deployment running outside of AWS to a privately-networked Confluent Cloud deployment. With it, your existing Kafka clients can reach your newly setup Confluent Cloud cluster from their native environment, allowing them to continue running as-is. Once ready, they can be incrementally carried over into the AWS cloud.
Leverage your favorite Kafka tools directly from your local environment to streamline Confluent Cloud development and testing efforts in a secure setting.
Allow external partners to subscribe to topics in your private Confluent Cloud cluster over a custom DNS domain. Enterprise-grade security is guaranteed through integrations with AWS Secrets Manager and Certificate Manager as well as client authentication via Confluent Cloud API keys.
Zilla Plus relieves forklift efforts when migrating a Kafka deployment running outside of AWS to a privately-networked Confluent Cloud deployment. With Zilla Plus, your existing Kafka clients can reach your newly setup Confluent Cloud cluster from their native environment, allowing them to continue running as-is. Once ready, they can be incrementally carried over into the AWS cloud.
Leverage your favorite Kafka tools directly from your local environment to streamline Confluent Cloud development and testing efforts in a secure setting.
Zilla Plus is a proxy that relies on native Kafka wire protocol support to route connectivity between Kafka clients and brokers. By deploying it in front of a privately networked Confluent Cloud cluster, it allows creating publicly reachable Kafka entry points that external clients can use to connect, publish messages and subscribe to topics in the cluster. Offered as an AMI and configured via CloudFormation, a Zilla Plus deployment consists of an auto-scaling proxy group inside a public VPC that is PrivateLinked to a secure Confluent Cloud cluster.
While Public Access is a feature of MSK, it exposes brokers directly to the public internet and lacks support for custom domain names.
Integrations with AWS Secrets and Certificate Managers enable configuring Kafka entry points with a custom domain name. A custom domain not only helps achieve a properly branded interface for external parties, but provides a static DNS name should it become necessary to modify your Confluent Cloud cluster behind the scenes. A single Zilla Plus deployment can support multiple custom domains and run in front of multiple Confluent Cloud clusters.
Confluent Cloud API Keys are passed through Zilla proxies ensuring clients can be properly authenticated.
Zilla proxies are stateless and only require a single Network Load Balancer. This reduces both the complexity and costs of scaling out.
The Aklivity Public MSK Proxy is an AWS Qualified solution.
