- Más nuevo
- Más votos
- Más comentarios
It was permissions.... the Pipes auto created execution role and policy doesn't give Pipes the permissions required to use MSK as a source. I had augmented the auto created role with MSK Full Access but that does include below.
I noticed that my Lambda would only auth with SASL, so added below and then added same to the Pipes execution role.
Pipes showed as running, no errors reported, but clearly it couldn't connect or read. Wild that there are no errors and no logs that I could find. I'm guessing there must be a sequencing of setup issue.
https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-permissions-iam-policy
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "kafka-cluster:Connect", "kafka-cluster:DescribeGroup", "kafka-cluster:AlterGroup", "kafka-cluster:DescribeTopic", "kafka-cluster:ReadData", "kafka-cluster:DescribeClusterDynamicConfiguration" ], "Resource": "*" } ] }
Contenido relevante
- OFICIAL DE AWSActualizada hace 2 años
- OFICIAL DE AWSActualizada hace un año
- OFICIAL DE AWSActualizada hace 3 años
- OFICIAL DE AWSActualizada hace un año