
Using MSK Connect Connector with MSK Managed VPC connectivity

0

I am using an MSK cluster with IAM role enabled. MSK lives in a central account, and client accounts have MSK VPC connectivity configured. I want to host an MSK Connect Connector in a client account. I am not able to see MSK VPC connectivity in the list of available clusters.

asked 6 months ago · 240 views
1 answer
0

When using Amazon MSK with multi-VPC private connectivity, it's important to note that MSK Connect Connectors currently do not support the use of managed VPC connections. This limitation means that you cannot directly use the MSK VPC connectivity option when creating an MSK Connect Connector in a client account that has MSK VPC connectivity configured to a cluster in a central account.

To work around this limitation and host an MSK Connect Connector in a client account while connecting to an MSK cluster in a central account, you have a few options:

  1. VPC Peering: You can set up a VPC peering connection between the VPC in the client account (where you want to host the MSK Connect Connector) and the VPC in the central account (where the MSK cluster resides). This will allow direct private communication between the two VPCs.

  2. AWS Transit Gateway: If you're dealing with multiple VPCs or accounts, you can use AWS Transit Gateway to create a hub-and-spoke network topology. This allows you to connect the client account VPC to the central account VPC through the Transit Gateway.

  3. AWS PrivateLink: You can use AWS PrivateLink to create a private endpoint in the client account's VPC that connects to the MSK cluster in the central account. This provides a secure, private connection without exposing the cluster to the public internet.

After implementing one of these networking solutions, you should be able to create the MSK Connect Connector in the client account and connect it to the MSK cluster in the central account.

Remember to update the security groups associated with both the MSK cluster and the MSK Connect Connector to allow the necessary traffic between them. Also, ensure that the IAM roles and policies are correctly set up to allow the connector to authenticate and interact with the MSK cluster using IAM authentication.

While these solutions can help you achieve your goal, they may require additional network configuration and management compared to using managed VPC connections. Always consider the security implications and follow AWS best practices when implementing cross-account connectivity.

Sources

  * Secure connectivity patterns to access Amazon MSK across AWS Regions | AWS Big Data Blog
  * Transfer data between cross-account MSK clusters with MM2 | AWS re:Post

answered 6 months ago
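
The security group step in the answer above can be checked before the connector is deployed. The following is an added example, not part of the original answer or of any AWS tooling: it audits the cluster security group's ingress rules (in the `IpPermissions` shape that `describe_security_groups` returns) for the IAM-auth broker port 9098. It assumes the VPC peering or Transit Gateway option, where connector traffic arrives from the client VPC's subnet addresses; all CIDRs and rules are constructed sample values.

```python
import ipaddress

IAM_PORT = 9098  # MSK broker listener for IAM access control (clients inside AWS)

def covers_port(perm, port):
    """True if one IpPermissions entry allows TCP traffic on `port`."""
    if perm["IpProtocol"] == "-1":  # all protocols, all ports
        return True
    return perm["IpProtocol"] == "tcp" and perm["FromPort"] <= port <= perm["ToPort"]

def audit_cluster_ingress(ip_permissions, connector_cidrs, port=IAM_PORT):
    """Compare the cluster SG ingress rules with the connector subnets (IPv4).

    missing   -> connector subnets that cannot reach the brokers on `port`
    too_broad -> allowed sources on `port` wider than any connector subnet
    """
    needed = [ipaddress.ip_network(c) for c in connector_cidrs]
    allowed = {ipaddress.ip_network(r["CidrIp"])
               for perm in ip_permissions if covers_port(perm, port)
               for r in perm.get("IpRanges", [])}
    missing = [str(n) for n in needed
               if not any(n.subnet_of(a) for a in allowed)]
    too_broad = sorted(str(a) for a in allowed
                       if not any(a.subnet_of(n) for n in needed))
    return {"missing": missing, "too_broad": too_broad}

# Constructed sample: two connector subnets in the client account VPC.
CONNECTOR_SUBNETS = ["10.20.1.0/24", "10.20.2.0/24"]

# Constructed sample: ingress rules on the central account's cluster SG.
CLUSTER_SG_RULES = [
    {"IpProtocol": "tcp", "FromPort": 9098, "ToPort": 9098,
     "IpRanges": [{"CidrIp": "10.20.1.0/24"}]},
    # Covers other broker ports only, so it does not help IAM clients.
    {"IpProtocol": "tcp", "FromPort": 9092, "ToPort": 9094,
     "IpRanges": [{"CidrIp": "10.20.0.0/16"}]},
]

# Constructed sample: a catch-all rule that "fixes" reachability too widely.
OPEN_RULE = {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}

if __name__ == "__main__":
    print(audit_cluster_ingress(CLUSTER_SG_RULES, CONNECTOR_SUBNETS))
    print(audit_cluster_ingress(CLUSTER_SG_RULES + [OPEN_RULE], CONNECTOR_SUBNETS))
```

A non-empty `missing` list explains connection timeouts from the connector; a non-empty `too_broad` list marks rules to narrow to the connector subnets.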
