Hi Men, The config provider mechanism should work for every property in a connector config, and every property in a worker config except for the plugin.path property (see KAFKA-9845 [1]). You can also use it for only part of a single property, or even multiple parts, like in this example (assuming a config provider named "file"):
sasl.jaas.config=org.apache.kafka.common.security.scram.ScramLoginModule required username="${file:/some/file.properties:username}" password="${file:/some/file.properties:password}" What sorts of errors are you seeing when trying to use a config provider with sasl/scram credentials? [1] - https://issues.apache.org/jira/browse/KAFKA-9845 Cheers, Chris On Mon, Mar 7, 2022 at 10:35 AM Men Lim <zulu...@gmail.com> wrote: > Hi all, > > recently, I found out about > > config.providers=file > > > config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider > > This works great to remove our embedded database password into an external > file. However, it does not work when I tried to do the same thing with the > sasl/scram username and password found in the distributor or connector file > for kafka connect: > > sasl.jaas.config=org.apache.kafka.common.security.scram.ScramLoginModule > required \ > username="000" password="some_password"; > > I was wondering if there's a way to secure these passwords as well? > > Thanks, >