- 新しい順
- 投票が多い順
- コメントが多い順
It was permissions.... the Pipes auto created execution role and policy doesn't give Pipes the permissions required to use MSK as a source. I had augmented the auto created role with MSK Full Access but that does include below.
I noticed that my Lambda would only auth with SASL, so added below and then added same to the Pipes execution role.
Pipes showed as running, no errors reported, but clearly it couldn't connect or read. Wild that there are no errors and no logs that I could find. I'm guessing there must be a sequencing of setup issue.
https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-permissions-iam-policy
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "kafka-cluster:Connect", "kafka-cluster:DescribeGroup", "kafka-cluster:AlterGroup", "kafka-cluster:DescribeTopic", "kafka-cluster:ReadData", "kafka-cluster:DescribeClusterDynamicConfiguration" ], "Resource": "*" } ] }
関連するコンテンツ
- AWS公式更新しました 1年前