1 Answer
- Newest
- Most votes
- Most comments
0
We ended up using the cross-account assume role. We setup a role in Account B that allowed the needed access to MSK and allow sts:AssumeRole from Account A. We then added a policy to the Glue execution role in Account A that allows assuming the role in Account B. In Glue, we then setup the https://github.com/aws/aws-msk-iam-auth handler to assume the role in Account B.
answered 2 years ago
Relevant content
- asked 2 years ago
- asked 2 years ago
- asked 2 years ago
- asked 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 5 months ago