2개 답변
- 최신
- 최다 투표
- 가장 많은 댓글
0
Custom domain names are not supported at this point. The only work around possible would involves non-data PLAINTEXT access for bootstrapping (fetch metadata request) and regular SSL for data-in-transfer encryption.
- Update advertised listeners to have port 9094 for PLAINTEXT protocol
- Define R53 A-record with custom domain name resolved to an NLB with targets to all brokers to port 9092 (PLAINTEXT) a. create certificates in ACM and deploy on NLB listeners b. define NLB listeners as TLS to terminate TLS connection at NLB
This will let you use custom domain name with TLS traffic. Limitation of this approach is that it won't work with SASL (SCRAM, IAM), because listeners don't have SASL implementation mechanisms.
답변함 일 년 전
관련 콘텐츠
AWS 공식업데이트됨 일 년 전- AWS 공식업데이트됨 일 년 전
- AWS 공식업데이트됨 2년 전
Can you elaborate, at which point this provides connectivity with MSK/Kafka?