kafbat UI
WebsiteGithubDiscordLinkedinProduct HuntAWS Marketplace
  • 🎓Overview
    • About
    • Features
    • Getting started
  • 🛣️Project
    • Code of Conduct
    • Roadmap
  • 🧱Development
    • 🤝🏻Contributing
    • Setting up git
    • Building
      • Prerequisites
      • With Docker
      • Without Docker
    • WIP: Testing
  • ⚡Quick Start
    • 🔍Prerequisites
      • Kafka Permissions
        • Standalone Kafka ACLs
        • MSK (+Serverless) Setup
    • Demo run
    • AWS Marketplace
    • Persisting config
    • K8s / Helm
  • 🛠️Configuration
    • Configuration wizard
    • Configuration file
    • Setup example configs
    • Helm charts
      • Quick start
      • Configuration
        • SSL example
      • Resource limits
      • Sticky sessions
    • Misc configuration properties
    • Complex configuration examples
      • Kraft mode + multiple brokers
    • Kafka secured with SSL
    • Authentication
      • For the UI
        • Basic Authentication
        • OAuth2
        • LDAP / Active Directory
        • SSO Guide (Deprecated)
      • For Kafka
        • AWS IAM
        • SASL_SCRAM
    • RBAC (Role based access control)
      • Supported Identity Providers
    • Data masking
    • Audit log
    • Serialization / SerDe
    • OpenDataDiscovery Integration
  • ❓FAQ
    • Common problems
    • MCP Server
    • FAQ
    • Authentication Issues
Powered by GitBook
On this page

Was this helpful?

Edit on GitHub
Export as PDF
  1. Configuration
  2. Authentication
  3. For Kafka

AWS IAM

How to configure AWS IAM Authentication

Kafbat UI comes with a built-in aws-msk-iam-auth library.

You could pass SASL configs in the properties section for each cluster.

More details could be found here: aws-msk-iam-auth

More about permissions: MSK (+Serverless) Setup

Examples:

Please replace

  • <KAFKA_URL> with broker list

  • <PROFILE_NAME> with your AWS profile

Running From Docker Image

docker run -p 8080:8080 \
    -e KAFKA_CLUSTERS_0_NAME=local \
    -e KAFKA_CLUSTERS_0_BOOTSTRAPSERVERS=<KAFKA_URL> \
    -e KAFKA_CLUSTERS_0_PROPERTIES_SECURITY_PROTOCOL=SASL_SSL \
    -e KAFKA_CLUSTERS_0_PROPERTIES_SASL_MECHANISM=AWS_MSK_IAM \
    -e KAFKA_CLUSTERS_0_PROPERTIES_SASL_CLIENT_CALLBACK_HANDLER_CLASS=software.amazon.msk.auth.iam.IAMClientCallbackHandler \
    -e KAFKA_CLUSTERS_0_PROPERTIES_SASL_JAAS_CONFIG='software.amazon.msk.auth.iam.IAMLoginModule required awsProfileName="<PROFILE_NAME>";' \
    -d ghcr.io/kafbat/kafka-ui 

Configuring by application.yaml

kafka:
  clusters:
    - name: local
      bootstrapServers: <KAFKA_URL>
      properties:
        security.protocol: SASL_SSL
        sasl.mechanism: AWS_MSK_IAM
        sasl.client.callback.handler.class: software.amazon.msk.auth.iam.IAMClientCallbackHandler
        sasl.jaas.config: software.amazon.msk.auth.iam.IAMLoginModule required awsProfileName="<PROFILE_NAME>";
PreviousFor KafkaNextSASL_SCRAM

Last updated 2 months ago

Was this helpful?

🛠️