Connector Improvement: Enable AWS EKS via PrivateLink to connect without cross account IAM role
Answered
Based on the section "After Amazon MSK multi-VPC connectivity and cluster policy" on this document, a cluster policy should be good enough to allow a kafka client to connect to MSK via PrivateLink, there is no need to do a cross account IAM role. However when we select IAM authentication on MSK connector, it shows IAM role as mandatory field. Ideally fivetran should create an IAM role on their account and use it to connect to the MSK cluster instead of requesting a cross account IAM role to assume.
-
Official comment
Hi Pankaj,
This connector improvement request has been added to our feature improvements backlog. Updates and any progress will be shared here in this thread.
Thanks,
Parmeet
Please sign in to leave a comment.
Comments
1 comment