- 最新
- 投票最多
- 评论最多
It was permissions.... the Pipes auto created execution role and policy doesn't give Pipes the permissions required to use MSK as a source. I had augmented the auto created role with MSK Full Access but that does include below.
I noticed that my Lambda would only auth with SASL, so added below and then added same to the Pipes execution role.
Pipes showed as running, no errors reported, but clearly it couldn't connect or read. Wild that there are no errors and no logs that I could find. I'm guessing there must be a sequencing of setup issue.
https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-permissions-iam-policy
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "kafka-cluster:Connect", "kafka-cluster:DescribeGroup", "kafka-cluster:AlterGroup", "kafka-cluster:DescribeTopic", "kafka-cluster:ReadData", "kafka-cluster:DescribeClusterDynamicConfiguration" ], "Resource": "*" } ] }
相关内容
- AWS 官方已更新 1 年前
- AWS 官方已更新 1 年前
- AWS 官方已更新 1 年前