The Kafka Operations Platform

Unify Kafka streaming with a proxy layer. Ship faster with developer tooling, self-service, and built-in governance.

Trusted by platform engineers at

From Topics to Data Products

Your company already streams a lot of data, but raw topics don't ship products. Developers need velocity and platform teams need rules. When both are in place, teams can delegate ownership, self-serve, and turn streams into something your organization can trust.

From raw Kafka topics to trusted data products

That's where Console and Gateway come in. Use one or both to transform your Kafka operations.

Conduktor ConsoleKafka Control PlaneVisibility. Ownership. Autonomy.Our Kafka UI and API that allows developers and platform teams to scale together. Resource ownership, usage, observability, policy enforcement, automation, and access management in one interface.Learn more →

Conduktor GatewayKafka Data PlaneRoute. Protect. Transform.Our Kafka proxy that solves wire-level issues such as data quality, security, failover, and sharing by getting in between your clients and Kafka.Learn more →

Conduktor Console

Give developers and platform engineers a stable, guided way to build and run streaming apps at scale.

Multi-cluster Kafka UI

Enterprise UI to manage hundreds of clusters. Topics, schemas, connectors, producers, and consumers across Confluent, AWS MSK, Redpanda, or self-managed.

Browse & Debug Messages

Browse, filter, and replay messages in real-time. Troubleshoot and auto-decode Avro, Protobuf, and JSON Schema.

Monitoring & Alerts

Track hot topics, fan-out, dead streams, and consumer lag. Alerts to Slack, PagerDuty, Prometheus, and webhooks.

Security & Compliance

SSO (OIDC, SAML, LDAP), granular RBAC, role-based access, PII masking, and audit trails.

Health & Cost Insights

Health optimization for partitions, replication, naming, and configs. Cost attribution, data quality, and team accountability.

Terraform, API & GitOps

Terraform provider, REST API, GitOps workflows, and CI/CD integration.

terraform {
  required_providers {
    conduktor = {
      source = "conduktor/conduktor"
      version = "~> 1.0"
    }
  }
}

provider "conduktor" {
  console_url = "http://localhost:8080"
  api_token = var.conduktor_api_token
}

resource "conduktor_group" "project_a" {
  name = "project-a"
  display_name = "Project A"

  permissions {
    resource_type = "TOPIC"
    name = "project-a-*"
    pattern_type = "PREFIXED"
    permissions = ["topicConsume", "topicProduce"]
  }
}

Faster team onboardingNew developers productive in days, not weeks.

Faster time to productionDebug quickly and ship features without waiting on platform tickets.

Earlier issue detectionCatch problems before they reach production traffic.

Audit-ready complianceMeet compliance requirements with complete audit trails.

Full usage visibilitySee who's using what across all clusters.

Reduced support dependencyDevelopers self-serve instead of filing tickets.

Conduktor Gateway

Extend Kafka with our Kafka Proxy as a control layer to absorb complexity of your infrastructure.

Routing & Authentication

Centralize identity with OIDC/SAML across all clusters. Route clients transparently without changing application code.

Resilience & Migration

Switch clusters, failover traffic, and inject chaos—all at the proxy layer. Zero client changes required.

Multi-tenancy

Virtual clusters, topic concentration, and aliasing. Isolate teams and workloads on shared infrastructure.

Performance

SQL queries on topics, message caching, and large payload offloading. Handle load without over-provisioning.

Governance & Data Quality

Config guardrails, rate limiting, and schema validation. Enforce standards before bad data hits Kafka.

Security & Data Sharing

Field-level encryption, key management, and partner tenants. Protect data while enabling controlled access.

# Gateway Configuration
gateway:
  environment:
    GATEWAY_SECURITY_MODE: GATEWAY_MANAGED
    GATEWAY_SECURITY_PROTOCOL: SASL_PLAINTEXT
    GATEWAY_OAUTH_JWKS_URL: "https://your-idp.com/.well-known/jwks.json"
    GATEWAY_OAUTH_EXPECTED_ISSUER: "https://your-idp.com"

# Map OIDC identities to Service Accounts
apiVersion: gateway/v2
kind: GatewayServiceAccount
metadata:
  name: my-application
spec:
  type: EXTERNAL
  externalNames:
    - "oauth-subject-id-from-token"

# Gateway cluster configuration
config:
  main:
    bootstrap.servers: kafka-primary:9092
    security.protocol: SASL_SSL
    sasl.mechanism: PLAIN

  failover:
    bootstrap.servers: kafka-secondary:9092
    gateway.roles: failover

# Switch from main → failover
curl -X POST 'http://localhost:8888/gateway/v2/cluster-switching' \
  -H 'Content-Type: application/json' \
  -d '{"fromPhysicalCluster": "main", "toPhysicalCluster": "failover"}'

apiVersion: gateway/v2
kind: VirtualCluster
metadata:
  name: payments-team
spec:
  type: Standard
  aclEnabled: true
  superUsers:
    - payments-admin
---
apiVersion: gateway/v2
kind: VirtualCluster
metadata:
  name: orders-team
spec:
  type: Standard
  aclEnabled: true
  superUsers:
    - orders-admin

apiVersion: gateway/v2
kind: Interceptor
metadata:
  name: sql-filter-adults
spec:
  pluginClass: io.conduktor.gateway.interceptor.VirtualSqlTopicPlugin
  priority: 100
  config:
    virtualTopic: customers-adult
    statement: |
      SELECT firstName, lastName, email
      FROM customers
      WHERE age >= 18 AND country = 'US'

Lower infrastructure spendReduce Kafka cluster count by avoiding duplication for isolation and partners.

Safer ecosystem expansionExpose Kafka to new teams and partners without increasing network risk.

Shorter migration cyclesMove workloads between clusters without long coordination or app rewrites.

Faster platform changesApply routing, security, and infra changes in days instead of quarters.

Federated Ownership

Scale ownership across teams. Developers get autonomy within guardrails. Platform teams maintain control through policies.

Self-Service PortalDevelopers create topics, ACLs, schemas, and connectors within safe boundaries. No tickets required.

Application CatalogClear ownership mapping so every resource has an accountable team.

Policy EnforcementCEL-based guardrails for encryption, masking, RBAC, naming rules, and retention policies.

Approval WorkflowsCross-team access mapped to owners, domains, and policies. Not ticket queues.

Faster DevelopmentDevelopers ship without waiting for platform approvals.

Safe AutonomyGuardrails prevent risky patterns from reaching production.

Lower Operational LoadPlatform teams spend less time on repetitive manual tasks.

Federated GovernanceDecentralized teams innovate with uniform standards across clusters.

Explore How Conduktor Helps Your Industry

Platform teams use Conduktor to streamline Kafka operations and accelerate delivery. Explore our customer stories or dive into the blog.

Financial Services

Bitvavo achieved DORA, MiCA, and GDPR compliance for 1.5M+ users with Conduktor's RBAC, data masking, and audit trails. See how →

Transport & Logistics

Swiss Post scaled Kafka to 800+ users and 5x more applications with governance, RBAC, and self-service. See how →

Agriculture & IoT

10x Kafka utilization and 70% faster provisioning with Conduktor and Amazon MSK for IoT smart farming. See how →

Read story →Read story →Read story →