Secure Mission Control infrastructure

Mission Control enables authentication and authorization by default. Mission Control encrypts the user interface and all communication between operators and nodes using mutual Transport Layer Security (TLS).

For configuration details, see Configure authentication.

Secure the Mission Control UI

Secure the Mission Control UI and its REST API through an Identity-provider connector. Mission Control supports authentication through OpenLDAP or OpenID connectors:

Define a single admin user during the Mission Control installation configuration step.

Secure database clusters

To secure your database clusters, you can manage authentication and database credentials, and encrypt data at rest and in transit.

Manage authentication and credentials

Mission Control creates K8ssandra clusters. Mission Control enables authentication and authorization by default.

Rotate superuser credentials

You can rotate the superuser credentials by updating the corresponding secret directly. Mission Control detects the change and updates the credentials in the HCD, DSE, or Cassandra cluster.

Data encryption

You can enable encryption for both data-in-transit and data-at-rest:

Enable encryption for data moving between components:

Enable encryption for stored data:

Was this helpful?

Give Feedback

How can we improve the documentation?

© 2025 DataStax | Privacy policy | Terms of use | Manage Privacy Choices

Apache, Apache Cassandra, Cassandra, Apache Tomcat, Tomcat, Apache Lucene, Apache Solr, Apache Hadoop, Hadoop, Apache Pulsar, Pulsar, Apache Spark, Spark, Apache TinkerPop, TinkerPop, Apache Kafka and Kafka are either registered trademarks or trademarks of the Apache Software Foundation or its subsidiaries in Canada, the United States and/or other countries. Kubernetes is the registered trademark of the Linux Foundation.

General Inquiries: +1 (650) 389-6000, info@datastax.com