Facing issue with custom configuration for MSK

0

I am facing an issue with the msk custom configuration. when I used custom configuration I got the error Error while executing topic command : Authorization failed. [2023-07-08 12:40:27,857] ERROR org.apache.kafka.common.errors.TopicAuthorizationException: Authorization failed. (kafka.admin.TopicCommand$)

Even I enabled the plaintext authorization. check the below configuration :- allow.everyone.if.no.acl.found=false auto.create.topics.enable=true compression.type=gzip connections.max.idle.ms=600000 default.replication.factor=2 log.cleaner.delete.retention.ms=86400000 log.cleaner.min.cleanable.ratio=0.5 log.cleanup.policy=delete log.flush.interval.messages=10000 log.flush.interval.ms=1000 log.message.timestamp.difference.max.ms=604800000 log.message.timestamp.type=CreateTime log.retention.bytes=107374182400 log.retention.hours=48 log.retention.minutes=0 log.retention.ms=172800000 log.roll.ms=604800000 log.segment.bytes=536870912 max.incremental.fetch.session.cache.slots=1000000 message.max.bytes=1000000 min.insync.replicas=2 num.io.threads=8 num.network.threads=5 num.partitions=1 num.recovery.threads.per.data.dir=1 num.replica.fetchers=2 offsets.retention.minutes=1440 offsets.topic.replication.factor=2 replica.fetch.max.bytes=1048576 replica.fetch.response.max.bytes=10485760 replica.lag.time.max.ms=30000 replica.selector.class=org.apache.kafka.common.replica.RackAwareReplicaSelector replica.socket.receive.buffer.bytes=102400 socket.receive.buffer.bytes=102400 socket.request.max.bytes=10485760 socket.send.buffer.bytes=102400 transaction.max.timeout.ms=60000 transaction.state.log.min.isr=2 transaction.state.log.replication.factor=3 transactional.id.expiration.ms=604800000 unclean.leader.election.enable=false zookeeper.connection.timeout.ms=18000 zookeeper.session.timeout.ms=18000

please help me out this.

asked a year ago576 views
1 Answer
1

If you are using IAM authentication and your access policy blocks topic operations like WriteData and ReadData then you get org.apache.kafka.common.errors.TopicAuthorizationException.

Also, permission boundaries and service control policies also block user attempting to connect to the cluster without the required authorization.

If you're using non-IAM authentication, then ensure that you have topic level access control lists (ACLs) that block operations.

You can run below command to list the ACLs that are applied on a topic:

bin/kafka-acls.sh --bootstrap-server $BOOTSTRAP:PORT --command-config adminclient-configs.conf –-list –-topic testtopic

Please refer https://repost.aws/knowledge-center/msk-cluster-connection-issues for more details.

AWS
Harita
answered 10 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions