AWS IAM

How to configure AWS IAM Authentication

PreviousFor Kafka NextSASL_SCRAM

Last updated 1 month ago

Was this helpful?

AWS IAM

How to configure AWS IAM Authentication

Kafbat UI comes with a built-in library.

You could pass SASL configs in the properties section for each cluster.

More details could be found here:

More about permissions: MSK (+Serverless) Setup

Examples:

Please replace

<KAFKA_URL> with broker list
<PROFILE_NAME> with your AWS profile

Running From Docker Image

docker run -p 8080:8080 \
    -e KAFKA_CLUSTERS_0_NAME=local \
    -e KAFKA_CLUSTERS_0_BOOTSTRAPSERVERS=<KAFKA_URL> \
    -e KAFKA_CLUSTERS_0_PROPERTIES_SECURITY_PROTOCOL=SASL_SSL \
    -e KAFKA_CLUSTERS_0_PROPERTIES_SASL_MECHANISM=AWS_MSK_IAM \
    -e KAFKA_CLUSTERS_0_PROPERTIES_SASL_CLIENT_CALLBACK_HANDLER_CLASS=software.amazon.msk.auth.iam.IAMClientCallbackHandler \
    -e KAFKA_CLUSTERS_0_PROPERTIES_SASL_JAAS_CONFIG='software.amazon.msk.auth.iam.IAMLoginModule required awsProfileName="<PROFILE_NAME>";' \
    -d ghcr.io/kafbat/kafka-ui

Configuring by application.yaml

kafka:
  clusters:
    - name: local
      bootstrapServers: <KAFKA_URL>
      properties:
        security.protocol: SASL_SSL
        sasl.mechanism: AWS_MSK_IAM
        sasl.client.callback.handler.class: software.amazon.msk.auth.iam.IAMClientCallbackHandler
        sasl.jaas.config: software.amazon.msk.auth.iam.IAMLoginModule required awsProfileName="<PROFILE_NAME>";

PreviousFor Kafka NextSASL_SCRAM

Last updated 1 month ago

Was this helpful?