Unable to use IAM permissions to access MSK Brokers
I have been experimenting with a cluster that has IAM Authentication, and I cannot seem to get it working.
-I have a security group in the cluster that allows in-bound traffic from the ec2 instance I am testing from. I can even do zookeeper interactions like list topics just fine.
-My ec2 instance has an IAM role with a policy that specifically allows for all kafka interactions on all resources
-I also tried an aws local profile that has the same attached policy.
-I am using the following command to attempt a consumer interaction
bin/kafka-console-consumer.sh --bootstrap-server b-1.examplename.kafka.us-east-1.amazonaws.com:9098 --topic exampleTopic --consumer.config config/consumer.properties
consumer.properties has the below properties
security.protocol=SASL_SSL
sasl.mechanism=AWS_MSK_IAM
sasl.jaas.config=software.amazon.msk.auth.iam.IAMLoginModule required;
sasl.client.callback.handler.class=software.amazon.msk.auth.iam.IAMClientCallbackHandler
Am I missing anything?
Hey there,
I had same issue.
Follow this guide: https://aws.amazon.com/blogs/big-data/securing-apache-kafka-is-easy-and-familiar-with-iam-access-control-for-amazon-msk/
Best Regards
Relevant questions
Cannot delete because cluster <cluster name> currently has an update in progress
Accepted Answerasked 4 months agoAws MSK security behaviour when both IAM and SCRAM enabled
Accepted Answerasked 6 months agoHow do you setup cross-account IAM authentication in AWS MSK?
Accepted Answerasked 4 months agoHow to connect Glue to MSK with IAM authentication?
asked 7 months agoScaling a cluster
asked 3 years agoLambda MSK trigger not working
asked 2 years agoBrokers Connection string doesn't show creating cIuster with IAM Access
Accepted Answerasked a year agoUnable to create EKS Cluster
asked 2 months agoUsing MSK as trigger to a Lambda with SASL/SCRAM Authentication
asked a month agoUnable to use IAM permissions to access MSK Brokers
asked a year ago