Access Secrets using VPC EndPoint in Kafka Event-source in EventBridge Pipes

1

**Scenario:**

  • MSK Cluster is in a private subnet of VPC-1 and I am trying to create an EventBridge Pipe in VPC2 that gets data from the MSK cluster
  • VPC-1 and VPC-2 are connected using VPC peering
  • Kafka authentication details are stored in Secrets Manager
  • I am using "Self managed Apache Kafka" for Event source as both VPCs are in different AWS accounts.

It works if I configure a NAT gateway in VPC2. Is it possible to achieve the same functionality using VPC Endpoints?

Problem

  • I have deleted the NAT gateway and I have created a VPC endpoint for Secrets Manager as Event Source will need to access Kafka authentication information.
  • Also added an STS VPC endpoint
  • This setup fails to start the EventBridge Pipe with error message "PROBLEM: Pipe VPC event source require outbound internet access to send events to Pipes"

EventSource Setup

1 Answer
1
Accepted Answer

Adding the answer for community:

EventBridge supports VPC interface endpoints but not for MSK/Self-Managed Kafka/Amazon MQ. So this is not a network issue but rather service support.

We need a route out to the internet to be able to use "Self Managed Kafka Event Source" in EventBridge Pipe.

Answered 9 months ago
Expert
Reviewed 2 months ago
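
A preflight check for the requirement stated in the accepted answer, as an added example that is not part of the original thread: it reads route-table data in the shape returned by `aws ec2 describe-route-tables` and reports, for each subnet a pipe would use, whether an active default route to a NAT or internet gateway exists. The sample data, IDs and function names are constructed for illustration, and all tables are assumed to belong to the pipe's VPC.

```python
import json

# Constructed sample in the shape of `aws ec2 describe-route-tables` output (IDs are made up).
SAMPLE = json.loads("""
{"RouteTables": [
  {"RouteTableId": "rtb-main", "Associations": [{"Main": true}],
   "Routes": [
     {"DestinationCidrBlock": "10.2.0.0/16", "GatewayId": "local", "State": "active"},
     {"DestinationCidrBlock": "10.1.0.0/16", "VpcPeeringConnectionId": "pcx-1", "State": "active"}]},
  {"RouteTableId": "rtb-nat", "Associations": [{"Main": false, "SubnetId": "subnet-a"}],
   "Routes": [
     {"DestinationCidrBlock": "10.2.0.0/16", "GatewayId": "local", "State": "active"},
     {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-1", "State": "active"}]},
  {"RouteTableId": "rtb-dead", "Associations": [{"Main": false, "SubnetId": "subnet-c"}],
   "Routes": [
     {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-2", "State": "blackhole"}]}
]}
""")

def route_table_for(subnet_id, tables):
    """An explicit subnet association wins; otherwise the main route table applies."""
    main = None
    for rt in tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main

def internet_egress(subnet_id, tables):
    """Return the target of an active 0.0.0.0/0 route via NAT or internet gateway, else None."""
    rt = route_table_for(subnet_id, tables) or {}
    for route in rt.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("State") != "active":
            continue  # a blackhole route (e.g. deleted NAT gateway) gives no egress
        target = route.get("NatGatewayId") or route.get("GatewayId", "")
        # Note: an igw- route only gives egress to interfaces that have a public IP.
        if target.startswith(("nat-", "igw-")):
            return target
    return None

def check_pipe_subnets(subnet_ids, tables):
    """Map each subnet the pipe would use to its egress target (None = no internet route)."""
    return {s: internet_egress(s, tables) for s in subnet_ids}
```

Any subnet mapped to `None` has no route out to the internet; in the sample, `subnet-b` falls back to the main table (local and peering routes only) and `subnet-c` points at a blackholed NAT route.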
