https://github.com/aidanmelen/strimzi-kafka-operator-aws-msk-iam-auth
https://github.com/aidanmelen/strimzi-kafka-operator-aws-msk-iam-auth
Last synced: 4 months ago
JSON representation
- Host: GitHub
- URL: https://github.com/aidanmelen/strimzi-kafka-operator-aws-msk-iam-auth
- Owner: aidanmelen
- Created: 2023-02-07T15:37:47.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2023-02-07T20:25:21.000Z (over 2 years ago)
- Last Synced: 2024-11-14T01:34:07.106Z (6 months ago)
- Language: Shell
- Size: 13.7 KB
- Stars: 7
- Watchers: 1
- Forks: 2
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# strimzi-kafka-operator-aws-msk-iam-auth
This repository contains a pattern for extending the `kafka-base` image from the [strimzi-kafka-operator](https://github.com/strimzi/strimzi-kafka-operator/tree/main/docker-images/kafka-based) to support SASL/IAM authentication mechanism for AWS MSK.
This pattern utilizes hardcoded authentication mechanism properties for SASL/IAM, thus rendering the `spec.authentication.mechanism` values will be ignored.
## Examples
Kafka Connect
```yaml
apiVersion: kafka.strimzi.io/v1beta2
kind: KafkaConnect
metadata:
name: my-connect
spec:
image: aidanmelen/strimzi-kafka-operator-aws-msk-iam-auth:0.33.0-kafka-3.3.2-aws-latest
replicas: 1
bootstrapServers: "${BOOTSTRAP_BROKERS_SASL_IAM}"
config:
group.id: connect-cluster
offset.storage.topic: _connect-storage
config.storage.topic: _connect-offset
status.storage.topic: _connect-status
template:
# Uncomment for EKS IRSA credentials
# serviceAccount:
# metadata:
# annotations:
# "eks.amazonaws.com/role-arn": "${AWS_ROLE_ARN}"
# Uncomment for IAM User credentials
# connectContainer:
# env:
# - name: AWS_ACCESS_KEY_ID
# value: "${AWS_ACCESS_KEY_ID}"
# - name: AWS_SECRET_ACCESS_KEY
# value: "${AWS_SECRET_ACCESS_KEY}"
```