Cross Account connectivity from IoT Core Rule action to MSK

0

Is it feasible to integrate AWS IoT Core Rule actions with MSK in a different account? The document https://docs.aws.amazon.com/iot/latest/developerguide/accessing-cross-account-resources-using-rules.html says it will work for all services that support resource-based policies. However, it mentions: "supported services include Amazon SQS, Amazon SNS, Amazon S3, and AWS Lambda". It does not mention MSK. As MSK also supports resource-based policies, does it work in a cross-account setup?

1 Answer
0

While AWS IoT rules can be configured for cross-account access, this is only possible for destinations that support resource-based permissions. The supported destinations include Amazon SQS, Amazon SNS, Amazon S3, and AWS Lambda. Amazon Managed Streaming for Apache Kafka (MSK) supports resource-based policies, but it’s not explicitly listed as a supported service for cross-account access with AWS IoT rules. Therefore, direct cross-account integration between AWS IoT Core and MSK may not be supported. A potential workaround could be to push data into an SQS queue in the other account and then pull data using Lambda to ingest it to MSK.

EXPERT
answered 3 months ago
  • This may be costly due to the high throughput of messages. A huge number of Lambdas will be needed. From IoT Core there is SQS to EventBridge. Is it possible to integrate a cross-account Kinesis stream from EventBridge?
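
The SQS leg of the workaround in the answer above, as an added example (not from the original post or from AWS documentation): it builds the queue's resource-based policy and the rule role's identity policy, then audits a queue policy for grants broader than that one role. The account IDs, queue name, role name and function names are constructed placeholders, and scoping the grant to a single role ARN is an assumption made here for least privilege.

```python
import json

# Constructed placeholders (assumptions, not values from the page).
QUEUE_ARN = "arn:aws:sqs:us-east-1:222222222222:iot-ingest"   # queue in the MSK account
RULE_ROLE_ARN = "arn:aws:iam::111111111111:role/iot-rule-sqs"  # role assumed by the IoT rule


def queue_policy(queue_arn, sender_role_arn):
    """Resource-based policy on the queue: only the rule's role may send."""
    return {"Version": "2012-10-17", "Statement": [{
        "Sid": "AllowIotRuleRoleSend",
        "Effect": "Allow",
        "Principal": {"AWS": sender_role_arn},
        "Action": "sqs:SendMessage",
        "Resource": queue_arn,
    }]}


def rule_role_policy(queue_arn):
    """Identity policy for the rule's role in the sending account."""
    return {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": "sqs:SendMessage", "Resource": queue_arn}]}


def audit_queue_policy(policy, allowed_principals):
    """Return findings for Allow statements broader than the intended grant."""
    findings = []
    for st in policy.get("Statement", []):
        if st.get("Effect") != "Allow":
            continue
        sid = st.get("Sid", "<no Sid>")
        principal = st.get("Principal")
        aws = principal.get("AWS", []) if isinstance(principal, dict) else principal
        actions = st.get("Action", [])
        for p in ([aws] if isinstance(aws, str) else list(aws or [])):
            if p == "*" and "Condition" not in st:
                findings.append(f"{sid}: any principal is allowed")
            elif p != "*" and p not in allowed_principals:
                findings.append(f"{sid}: unexpected principal {p}")
        for a in ([actions] if isinstance(actions, str) else actions):
            if "*" in a:
                findings.append(f"{sid}: wildcard action {a}")
    return findings


if __name__ == "__main__":
    print(json.dumps(queue_policy(QUEUE_ARN, RULE_ROLE_ARN), indent=2))
    print(audit_queue_policy(queue_policy(QUEUE_ARN, RULE_ROLE_ARN), {RULE_ROLE_ARN}))
```

Both halves are needed for the cross-account send: the identity policy in the sending account and the queue policy in the receiving account.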
