1 Answer
- Newest
- Most votes
- Most comments
0
MSK supports SASL SCRAM with the users defined in AWS Secrets Manager ONLY. Please follow the documentation on how to create and associate a user with MSK. After that, use Kafka ACLs to manage permissions for that users.
answered 10 days ago
Relevant content
- AWS OFFICIALUpdated a year ago
- How do I troubleshoot common issues when using my Amazon MSK cluster with SASL/SCRAM authentication?AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 6 months ago
Error points to failed authentication. I think the user hasn't been created properly, or a client application doesn't define properties correctly. Please add more details, make sure the secret you are using is listed under MSK -https://docs.aws.amazon.com/cli/latest/reference/kafka/list-scram-secrets.html . Follow the documentation to properly define a new user for MSK: https://docs.aws.amazon.com/msk/latest/developerguide/msk-password.html
Let me clarify, I used only Kafka API and created user (No MSK secrets). In vanilla Kafka it works (all users are stored in ZK config), but in AWS such users fail authentication.
Can I use AWS admin user to create other users via default Kafka API? Or such users are not considered as valid credentials to connect MSK?