Docs Connect Components Caches redpanda redpanda Type: CacheInputOutput Available in: Self-Managed A Kafka cache implemented using the Franz Kafka client library. Common Advanced cache: label: "" redpanda: seed_brokers: [] # No default (required) topic: "" # No default (required) cache: label: "" redpanda: seed_brokers: [] # No default (required) client_id: benthos tls: enabled: false skip_cert_verify: false enable_renegotiation: false root_cas: "" root_cas_file: "" client_certs: cert: "" key: "" cert_file: "" key_file: "" password: "" sasl: mechanism: "" # No default (required) username: "" password: "" token: "" extensions: "" # No default (optional) aws: region: "" # No default (optional) endpoint: "" # No default (optional) credentials: profile: "" # No default (optional) id: "" # No default (optional) secret: "" # No default (optional) token: "" # No default (optional) from_ec2_role: "" # No default (optional) role: "" # No default (optional) role_external_id: "" # No default (optional) metadata_max_age: 5m request_timeout_overhead: 10s conn_idle_timeout: 20s topic: "" # No default (required) A cache that stores data in a Kafka topic. This cache is useful for data that is written frequently and queried infrequently. Reads from the cache require scanning the entire topic partition. If you expect frequent access, consider placing an in-memory caching layer in front of this one. Because only the latest values are needed, configure compaction for topics used as caches so that reads are less expensive when topics are rescanned. See Compaction Settings. The cache does not have any TTL mechanisms. Use the Kafka topic retention policies to manage TTL. Fields client_id An identifier for the client connection. Type: string Default: benthos conn_idle_timeout The amount of time that connections can remain idle before they are closed. Type: string Default: 20s metadata_max_age The maximum age of metadata before it is refreshed. Type: string Default: 5m request_timeout_overhead Additional time to apply as overhead when calculating request deadlines. This buffer helps prevent premature timeouts, especially for requests that already define their own timeout values. Type: string Default: 10s sasl[] Specify one or more SASL authentication methods. Each method is tried in the order specified. If the broker supports the first mechanism, outgoing client connections use that mechanism. If the first mechanism fails, the client will use the first supported mechanism. If the broker does not support any client mechanisms, connections will fail. Type: object # Examples: sasl: - mechanism: SCRAM-SHA-512 password: bar username: foo sasl[].aws Contains AWS-specific fields for when sasl.mechanism is set to AWS_MSK_IAM. Type: object sasl[].aws.credentials Optional manual configuration of AWS credentials to use. For more information, see the credentials for AWS guide. Type: object sasl[].aws.credentials.from_ec2_role The credentials of a host EC2 machine configured to assume an IAM role associated with the instance. Requires version 4.2.0 or later. Type: bool sasl[].aws.credentials.id The ID of credentials to use. Type: string sasl[].aws.credentials.profile A profile from ~/.aws/credentials to use. Type: string sasl[].aws.credentials.role The ARN of the role to assume. Type: string sasl[].aws.credentials.role_external_id An external ID to provide when assuming the specified role. Type: string sasl[].aws.credentials.secret The secret for the credentials being used. This field contains sensitive information that usually shouldn’t be added to a configuration directly. For more information, see Secrets. Type: string sasl[].aws.credentials.token The token for the credentials being used. Required only when using short-term credentials. Type: string sasl[].aws.endpoint Specify a custom endpoint for the AWS API. Type: string sasl[].aws.region The AWS region to target. Type: string sasl[].extensions Key/value pairs to add to OAUTHBEARER authentication requests. Type: string sasl[].mechanism The SASL mechanism to use. Type: string Option Summary AWS_MSK_IAM AWS IAM-based authentication as specified by the 'aws-msk-iam-auth' Java library. OAUTHBEARER OAuth Bearer authentication. PLAIN Plaintext authentication. SCRAM-SHA-256 SCRAM authentication as specified in RFC5802. SCRAM-SHA-512 SCRAM authentication as specified in RFC5802. none Disable SASL authentication. sasl[].password The password to use for PLAIN or SCRAM-* authentication. This field contains sensitive information that usually shouldn’t be added to a configuration directly. For more information, see Secrets. Type: string Default: "" sasl[].token The token to use for a single session’s OAUTHBEARER authentication. Type: string Default: "" sasl[].username The username for PLAIN or SCRAM-* authentication. Type: string Default: "" seed_brokers[] A list of broker addresses to connect to. Items containing commas are expanded into multiple addresses. Type: array # Examples: seed_brokers: - "localhost:9092" - "foo:9092" - "bar:9092" - "foo:9092,bar:9092" tls Use this field for custom TLS settings that override system defaults. Type: object tls.client_certs[] A list of client certificates to use. For each certificate, specify only one of the field pairs cert and key, or cert_file and key_file. Do not include both pairs. Type: object Default: [] # Examples: client_certs: - cert: foo key: bar - cert_file: ./example.pem key_file: ./example.key tls.client_certs[].cert The plaintext certificate to use for TLS authentication. Type: string Default: "" tls.client_certs[].cert_file The path to a file containing the certificate to use for TLS authentication. Type: string Default: "" tls.client_certs[].key The plaintext private key to use for TLS authentication. This field contains sensitive information that usually shouldn’t be added to a configuration directly. For more information, see Secrets. Type: string Default: "" tls.client_certs[].key_file The path to a file containing the private key to use for TLS authentication. Type: string Default: "" tls.client_certs[].password A plaintext password to decrypt the private key in PKCS#1 or PKCS#8 format. The pbeWithMD5AndDES-CBC algorithm is obsolete and not supported for the PKCS#8 format. This algorithm does not authenticate the ciphertext, making it vulnerable to padding oracle attacks that can let an attacker recover the plaintext. This field contains sensitive information that usually shouldn’t be added to a configuration directly. For more information, see Secrets. Type: string Default: "" # Examples: password: foo password: ${KEY_PASSWORD} tls.enable_renegotiation Whether to allow the remote server to repeatedly request renegotiation. Enable this option if you see the error message local error: tls: no renegotiation. Requires version 3.45.0 or later. Type: bool Default: false tls.enabled Whether custom TLS settings are enabled. Type: bool Default: false tls.root_cas An optional root certificate authority to use. This is a string, representing a certificate chain from the parent trusted root certificate, to possible intermediate signing certificates, to the host certificate. This field contains sensitive information that usually shouldn’t be added to a configuration directly. For more information, see Secrets. Type: string Default: "" # Examples: root_cas: |- -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE----- tls.root_cas_file An optional file path of a root certificate authority file to use, usually with the .pem extension. This file contains a certificate chain from the parent trusted root certificate, to possible intermediate signing certificates, to the host certificate. Type: string Default: "" # Examples: root_cas_file: ./root_cas.pem tls.skip_cert_verify Whether to skip server-side certificate verification. Type: bool Default: false topic The topic to store data in. Type: string Back to top × Simple online edits For simple changes, such as fixing a typo, you can edit the content directly on GitHub. Edit on GitHub Or, open an issue to let us know about something that you want us to change. Open an issue Contribution guide For extensive content updates, or if you prefer to work locally, read our contribution guide . Was this helpful? thumb_up thumb_down group Ask in the community mail Share your feedback group_add Make a contribution 🎉 Thanks for your feedback! noop redis