Sold by: Aklivity
Deployed on AWS
Free Trial
AWS Free Tier
A Kafka-native gateway that provides a secure, governed access layer in front of your MSK cluster. Zilla Plus abstracts brokers, enforces policies, & translates protocols to safely expose data streams to apps, services, & external partners.
4
Overview
Zilla Plus is a Kafka-native edge and service proxy. It is a flexible, secure, and reliable way to create stateless API entry points into your Amazon MSK cluster for both native and non-native Kafka clients, eliminating the need for Kafka Connectors, integration pipelines, custom code, and VPNs.
Use Zilla Plus to securely expose your Amazon MSK cluster to external partners, decouple clients and brokers for disaster recovery, stream data to web/mobile apps for real-time experiences, turn Amazon MSK into an IoT broker, and more!
(Note: Zilla Plus is also AVAILABLE as a container-based offering.)
[SECURE PUBLIC ACCESS] Enable authorized clients to access your Amazon MSK cluster via a custom domain name over the internet with no changes to underlying brokers. Supports IAM, SASL, and mTLS authentication via integrations with AWS Certificate Manager (including AWS Nitro Enclaves for automated certificate renewal) or your third-party certificate authority of choice.
Multiple Zilla Plus instances require only a single NLB, even if there are multiple brokers. The presence of an NLB ensures that publicly reachable Zilla Plus endpoints to Amazon MSK can be DDoS-protected via AWS Shield.
[SECURE PRIVATE ACCESS (FOR MSK SERVERLESS)] Enable authorized clients deployed across VPCs (even cross-account) to securely connect, publish messages, and subscribe to topics in your Amazon MSK Serverless cluster. Eliminates the need to manually whitelist 1000 broker DNS names to enable broker access.
[DISASTER RECOVERY] Deploy Amazon MSK custom DNS name via Zilla Plus in both primary and secondary AWS regions to support seamless disaster recovery via DNS record update to the secondary AWS region without needing to reconfigure Kafka clients due to a consistent bootstrap server name.
[WEB STREAMING] Expose Amazon MSK topics via SSE (Server-Sent Events) endpoints and stream messages to web and mobile clients at scale with reliability and security. Create OpenAPI-compliant REST endpoints that allow clients to POST and PUT updates to Amazon MSK topics.
[IOT INGEST & CONTROL] Turn Amazon MSK into a fully-fledged IoT broker, enabling MQTT clients to directly publish and subscribe to topics. Both MQTT messages and client state are stored in Amazon MSK, removing the need for a separate dedicated MQTT broker.
[GRPC-KAFKA EVENT MESH] Turn Amazon MSK into a gRPC server and route service method requests and responses to and from topics. Fan out messages from an Amazon MSK topic to multiple gRPC clients, or proxy messages between a gRPC client and server via Kafka, allowing them to communicate as if they were talking directly to each other.
Highlights
- [Security & Governance]: Enable authorized clients to access your MS cluster via a custom domain name over the internet with no changes to underlying brokers. Supports IAM, SASL, and mTLS authentication. Integrates with AWS Certificate Manager or any third-party certificate authority.
- [Protocol Translation]: Seamlessly connect both native and non-native Kafka clients to your Kafka cluster. Expose topics via declaratively defined REST, SSE, gRPC, and MQTT APIs. Configure APIs via existing OpenAPI and AsyncAPI specs.
- [Performance]: Zilla proxies are stateless and scale out linearly. When multiple Zilla instances are deployed, only a single NLB is required, even if multiple brokers are present. Industry-leading throughput and P99.9 latency benchmarks.
Details
Sold by
Delivery method
Delivery option
Secure Public Access (Unauthorized/SASL)
Secure Public Access (mTLS)
IoT Ingest and Control
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
AmazonLinux 2023.9.20251208
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free for 30 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
If you are an AWS Free Tier customer with a free plan, you are eligible to subscribe to this offer. You can use free credits to cover the cost of eligible AWS infrastructure. See AWS Free Tier for more details. If you created an AWS account before July 15th, 2025, and qualify for the Legacy AWS Free Tier, Amazon EC2 charges for Micro instances are free for up to 750 hours per month. See Legacy AWS Free Tier for more details.
Dimension | Cost/hour |
|---|---|
c6i.xlarge Recommended | $2.40 |
t2.micro | $2.40 |
t3.micro | $2.40 |
m5d.12xlarge | $28.80 |
r6a.metal | $115.20 |
r6in.8xlarge | $19.20 |
d3.2xlarge | $4.80 |
x2iedn.16xlarge | $38.40 |
cg1.4xlarge | $9.60 |
r6a.24xlarge | $57.60 |
Vendor refund policy
We do not currently support refunds, but you can cancel at any time.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Zilla Plus 0.9.55
Additional details
Resources
Vendor resources
Support
Vendor support
Zilla Plus comes with standard enterprise support, which includes a 24x7, 8-hour SLA via email and direct messaging. Advanced enterprise support with a 2-hour SLA is additionally available. To learn more about our support offerings and engage with the team, please visit https://www.aklivity.io/support .
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Aklivity
By IBM Software
By Factor House
Top
10
In Streaming solutions
Top
10
In Device Connectivity
Top
10
In Analytic Platforms, Monitoring, Application Development
AI generated from product descriptions
Authentication and Authorization
Supports IAM, SASL, and mTLS authentication with integrations to AWS Certificate Manager and third-party certificate authorities for secure client access
Protocol Translation
Translates between native and non-native Kafka clients, exposing topics via REST, SSE, gRPC, and MQTT APIs configured through OpenAPI and AsyncAPI specifications
Multi-Protocol Support
Enables MQTT clients to publish and subscribe directly to topics, SSE endpoints for web and mobile streaming, and gRPC service method routing to and from Kafka topics
Stateless Architecture and Scalability
Deploys as stateless proxy instances that scale linearly, requiring only a single Network Load Balancer across multiple broker deployments
Cross-VPC and Cross-Account Connectivity
Enables authorized clients deployed across VPCs and AWS accounts to securely connect to Amazon MSK Serverless clusters without manual broker DNS whitelisting
Message Delivery Guarantee
Assured, once-only delivery of messages between applications with Store & Forward and Request & Response patterns
Multi-Platform Support
Support for multiple languages, platforms, and deployment models including containers (Kubernetes and OpenShift), on-premises servers (Windows, UNIX, Z/OS), and multiple cloud environments
Messaging Architecture Options
Support for point-to-point messaging, Publish and Subscribe with dynamic topics and subscriptions, and integration with Kafka-based Event Driven Architectures
High Availability and Disaster Recovery
Intelligence workload balancing, high availability, and disaster recovery services across individual nodes, availability zones, and regional levels
End-to-End Security
Message encryption at rest and in transit, end-to-end encryption, data confidentiality and integrity checking, and advanced audit compliance capabilities
Multi-Cluster Management
Manage up to 12 Kafka clusters from a single instance for centralized control and operational efficiency.
Message Search and Filtering
Search and filter millions of messages using kJQ predicates with JQ-like query language syntax, and support for natural language search via AI provider integration.
Role-Based Access Control and Authentication
Enterprise-grade security with Role-Based Access Control (RBAC), Single Sign-On (SSO) via SAML, LDAP, and OpenID, along with comprehensive audit logs for all user actions.
Data Masking and Redaction
Enforce data governance policies to protect sensitive personally identifiable information and credit card data through masking and redaction capabilities.
Real-Time Topology Monitoring
Comprehensive real-time visibility into Kafka topology including brokers, topics, partitions, consumer groups, offsets, and Schema Registry with built-in metrics for throughput, partition lag, and message rates.
Standard contract
No
No
No
Customer reviews
Shweta I
Secure Kafka access across cloud environments has simplified streaming integration work
Reviewed on May 13, 2026
Review from a verified AWS customer
What is our primary use case?
I am using Zilla Plus and have been working with it for the past few months, mainly around MSK serverless and connectivity and secure across VPC access use cases.
One of my main use cases that I have explored is using Zilla Plus to securely connect an application to Amazon MSK Serverless . For example, in a streaming integration setup, Zilla Plus acts as a Kafka-native proxy to simplify secure connectivity between a client application and MSK without exposing brokers publicly.
What is most valuable?
What I appreciate most in Zilla Plus is that it simplifies secure Kafka connectivity while keeping the architecture scalable and cloud-native. It helps reduce operational complexity compared to managing custom networking.
In my opinion, the best features Zilla Plus offers include secure across VPC, support for REST, SCC, and Kafka protocols together, custom domains, and TLS security supports.
Another feature is the support for multiple protocols, including REST and Kafka through a single gateway layer.
Zilla Plus has helped simplify secure Kafka connectivity and reduce the effort required to manage cross-VPC networking and authentication configuration. I also saw benefits in terms of scalability and reduced infrastructure complexity.
What needs improvement?
Zilla Plus could improve in simplifying the initial setup and onboarding experience, especially for teams that are newer to Kafka and MSK serverless architecture and configuration templates.
I monitor dashboards and more out-of-the-box analytic traffic visibility and performance insights would also add value for operational teams.
Another improvement that would be valuable is deeper support for deployment and configuration, especially for multi-environment setup.
For how long have I used the solution?
I have been working in my current field for three years.
What do I think about the stability of the solution?
In my experience, Zilla Plus has been stable for the use cases I explored, including secure Kafka connectivity and communication with Amazon MSK serverless. The architecture handled workloads reliably and integrated well within a cloud-native AWS environment.
What do I think about the scalability of the solution?
One noticeable improvement was the reduction in time spent managing and troubleshooting across VPC Kafka connectivity. I also observed better scalability in handling streaming traffic because the architecture was more lightweight and cloud-native, which reduced operational complexity and improved overall reliability.
Zilla Plus in my experience has scaled well for cloud-native streaming workloads. Its lightweight and stateless architecture make it easier to handle increased Kafka traffic and multiple client connections without adding significant operational complexity.
How are customer service and support?
The customer support has been good overall from my experience. The team was responsive during setup and integration-related queries, especially around MSK connectivity and configuration guidance.
Which solution did I use previously and why did I switch?
Before exploring Zilla Plus, the setup relied more on custom networking, configuration, and direct Kafka connectivity management and manual handling of access patterns across the environment. The switch to Zilla Plus was mainly driven by the need for a more secure, scalable, and easier-to-manage solution for cross-VPC Kafka access with authentication. It reduced the operational complexity and simplified integration management compared to maintaining a custom configuration.
I looked at a few alternative approaches before exploring Zilla Plus, including native Kafka networking setups, such as AWS PrivateLink based on custom implementation and other API gateway solutions commonly used for secure Kafka connectivity.
How was the initial setup?
Access through the AWS Marketplace made deployment and integration with existing AWS services more streamlined and convenient for the team.
What was our ROI?
I saw a measurable operational benefit after using Zilla Plus. For example, reduced time spent on networking, faster onboarding for a new integration environment, lower operational costs, and improved scalability and reliability for real-time data streaming workloads without significantly increasing infrastructure complexity.
What's my experience with pricing, setup cost, and licensing?
The setup cost was reasonable compared to the operational benefits. It provides secure Kafka connectivity and cross-VPC access, so I can work with enterprises natively, especially considering the reduction in custom infrastructure and maintenance effort, with clear pricing that is more flexible for smaller teams.
What other advice do I have?
My advice would be to clearly define your Kafka connectivity and secure and scalable requirements before implementation. Zilla Plus is valuable for teams looking to simplify secure Kafka access with IAM authentication while reducing custom networking complexity. I also recommend investing some time in understanding the architecture deployment patterns early on so that it makes the setup and long-term management much smoother.
Overall, Zilla Plus stands out as a strong solution for secure and scalable Kafka connectivity in cloud-native environments, especially for AWS MSK serverless use cases. I appreciate the focus on security, such as IAM integration and simplified cross-VPC access, and I am excited to see how the platform continues to evolve with improved deployment automation features. I would rate this solution an 8 overall.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)