I have been experimenting with a cluster that has IAM Authentication, and I cannot seem to get it working.
-I have a security group in the cluster that allows in-bound traffic from the ec2 instance I am testing from. I can even do zookeeper interactions like list topics just fine.
-My ec2 instance has an IAM role with a policy that specifically allows for all kafka interactions on all resources
-I also tried an aws local profile that has the same attached policy.
-I am using the following command to attempt a consumer interaction
bin/kafka-console-consumer.sh --bootstrap-server b-1.examplename.kafka.us-east-1.amazonaws.com:9098 --topic exampleTopic --consumer.config config/consumer.properties
consumer.properties has the below properties
security.protocol=SASL_SSL
sasl.mechanism=AWS_MSK_IAM
sasl.jaas.config=software.amazon.msk.auth.iam.IAMLoginModule required;
sasl.client.callback.handler.class=software.amazon.msk.auth.iam.IAMClientCallbackHandler
Am I missing anything?
AWS 官方已更新 1 年前