Creating and Connecting to an AWS MSK Cluster Using SASL

Albert Wong
Nov 6, 2024


  1. Create a secret in AWS Secrets Manager. Choose "Other type of secret" and add 2 key/value rows, username and password. You need to create a new encryption key, since MSK does not accept the default one.
  2. Create an MSK cluster. You will have to pick custom creation with the provisioned type (serverless and the provisioned default both use IAM).
  3. After you finish creating your MSK cluster, it will ask you to associate a secret. This is where you select the one you just created.
  4. Create a VPC peering connection between the MSK VPC and the calling VPC. Enable DNS resolution of hosts for both VPCs and create 2 route table entries.
  5. Modify the MSK security group's inbound rules to add your application's security group.
  6. Connect with SASL/SCRAM-SHA-512 client credentials, using the username and password you defined.
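A pre-flight check for steps 1 and 6, as an added example that is not from the original post: it validates a secret before you associate it and builds the Kafka client settings from the secret's value. The `AmazonMSK_` name prefix and port 9096 are AWS's documented MSK requirements rather than details from the post; the function names and sample values are constructed for illustration.

```python
import json

DEFAULT_KEY_ALIAS = "alias/aws/secretsmanager"  # AWS managed key, not accepted by MSK

def check_secret(describe, secret_string):
    """List what would stop MSK accepting a secret (DescribeSecret-shaped dict)."""
    problems = []
    if not describe.get("Name", "").startswith("AmazonMSK_"):
        problems.append("secret name must start with AmazonMSK_")
    key = describe.get("KmsKeyId")  # DescribeSecret omits this for the default key
    if key is None or key.endswith(DEFAULT_KEY_ALIAS):
        problems.append("secret is encrypted with the default key")
    try:
        fields = json.loads(secret_string)
    except json.JSONDecodeError:
        fields = None
    if not isinstance(fields, dict):
        return problems + ["secret value is not a JSON object"]
    for name in ("username", "password"):
        if not (isinstance(fields.get(name), str) and fields[name]):
            problems.append(f"secret value lacks a non-empty {name} key")
    return problems

def jaas_quote(value):
    # JAAS option values are double-quoted; escape backslashes and quotes.
    return '"' + value.replace("\\", "\\\\").replace('"', '\\"') + '"'

def client_config(bootstrap, secret_string):
    """Build Kafka client settings for SASL/SCRAM from the secret's JSON value."""
    creds = json.loads(secret_string)
    for broker in bootstrap.split(","):
        if not broker.endswith(":9096"):  # MSK's in-VPC SASL/SCRAM port
            raise ValueError(f"{broker} is not a SASL/SCRAM endpoint")
    login = "org.apache.kafka.common.security.scram.ScramLoginModule"
    return {
        "bootstrap.servers": bootstrap,
        "security.protocol": "SASL_SSL",
        "sasl.mechanism": "SCRAM-SHA-512",
        "sasl.jaas.config": f"{login} required username={jaas_quote(creds['username'])} "
                            f"password={jaas_quote(creds['password'])};",
    }

# Constructed sample data: not real resources or credentials.
SAMPLE_DESCRIBE = {"Name": "AmazonMSK_demo", "KmsKeyId": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE"}
SAMPLE_SECRET = '{"username": "app-user", "password": "p\\"w"}'
SAMPLE_BROKERS = "b-1.example.internal:9096,b-2.example.internal:9096"

if __name__ == "__main__":
    print(check_secret(SAMPLE_DESCRIBE, SAMPLE_SECRET))
    print(client_config(SAMPLE_BROKERS, SAMPLE_SECRET))
```

The returned dictionary uses the standard Kafka client property names, so it can be passed to a client or written out as a properties file (a properties file needs its own backslash escaping on top of the JAAS quoting).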

I tested the client connection by installing Conduktor (CloudFormation).
