By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Unable to use IAM permissions to access MSK Brokers

0

I have been experimenting with a cluster that has IAM Authentication, and I cannot seem to get it working.
-I have a security group in the cluster that allows in-bound traffic from the ec2 instance I am testing from. I can even do zookeeper interactions like list topics just fine.
-My ec2 instance has an IAM role with a policy that specifically allows for all kafka interactions on all resources
-I also tried an aws local profile that has the same attached policy.
-I am using the following command to attempt a consumer interaction
bin/kafka-console-consumer.sh --bootstrap-server b-1.examplename.kafka.us-east-1.amazonaws.com:9098 --topic exampleTopic --consumer.config config/consumer.properties

consumer.properties has the below properties
security.protocol=SASL_SSL
sasl.mechanism=AWS_MSK_IAM
sasl.jaas.config=software.amazon.msk.auth.iam.IAMLoginModule required;
sasl.client.callback.handler.class=software.amazon.msk.auth.iam.IAMClientCallbackHandler

Am I missing anything?

Topics
Analytics
Tags
Amazon Managed Streaming for Apache Kafka (Amazon MSK)
Language
English
rakibkamal
asked 3 years ago5774 views
1 Answer
0

Hey there,

I had same issue.

Follow this guide: https://aws.amazon.com/blogs/big-data/securing-apache-kafka-is-easy-and-familiar-with-iam-access-control-for-amazon-msk/

Best Regards

dbartashevich
answered 3 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content