- 최신
- 최다 투표
- 가장 많은 댓글
It was permissions.... the Pipes auto created execution role and policy doesn't give Pipes the permissions required to use MSK as a source. I had augmented the auto created role with MSK Full Access but that does include below.
I noticed that my Lambda would only auth with SASL, so added below and then added same to the Pipes execution role.
Pipes showed as running, no errors reported, but clearly it couldn't connect or read. Wild that there are no errors and no logs that I could find. I'm guessing there must be a sequencing of setup issue.
https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-permissions-iam-policy
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "kafka-cluster:Connect", "kafka-cluster:DescribeGroup", "kafka-cluster:AlterGroup", "kafka-cluster:DescribeTopic", "kafka-cluster:ReadData", "kafka-cluster:DescribeClusterDynamicConfiguration" ], "Resource": "*" } ] }
관련 콘텐츠
- AWS 공식업데이트됨 3년 전
- AWS 공식업데이트됨 일 년 전
- AWS 공식업데이트됨 일 년 전