...
Field Name | Field Type | Description | |
|---|---|---|---|
Label*
Default Value: Kafka MSK IAM Account | String | Specify a unique label for the account.
| |
Bootstrap servers* | Use this field set to specify the ordered list of host-port pairs to establish an initial connection to the Kafka cluster. | ||
Bootstrap server
Default Value: N/A b-1.kafka-cluster-name.abcde.c5.kafka.us-west-2.amazonaws.com:9092 | String/Expression | Specify a host-port pair that you use to establish an initial connection to the Kafka cluster.
| |
Schema registry URL
Default Value: N/A | String/Expression | Specify the URL for the schema registry server. | |
Advanced Kafka properties | Use this field set to specify any additional properties to connect to the Kafka server not explicitly provided in the Snap. These properties are directly passed to the Kafka server and not tested by SnapLogic, Inc. | ||
Key
Default Value: N/A | String/Expression | Specify the key for the Kafka property that the Snap does not explicitly support.
| |
Value
Default Value: N/A | Integer/Expression | Specify the value for the Kafka property that Snap does not explicitly support.
| |
Security protocol
Default Value: SASL_SSL | String/Expression | Select one of the following security protocols from the suggestions:
| |
Cross account IAM properties | The IAM role either must have sufficient permissions to access the MSK cluster or can assume another IAM role with these permissions. If the role has sufficient permissions, then none of the Cross Account IAM fields need to be set. | ||
AWS role ARN
Default Value: N/A | String/Expression | Specify the ARN of the cross-account IAM role. This ARN defines the permissions and trust policies for assuming the role. Learn more about ARNs. | |
External ID
Default Value: N/A | String/Expression | Specify the external ID to add an extra layer of security by preventing ‘confused deputy’ attacks. Learn more - confused deputy attacks. You must configure this field when a third party assumes the role. | |
AWS region
Default Value: N/A | String/Expression | Specify the AWS region where the application is running.
| |
Session name
Default Value: N/A | String/Expression | Specify an identifier for the assumed role session. This identifier helps to uniquely identify a session when different entities assume the same role. | |
...
Error | Reason | Resolution |
|---|---|---|
| The Role ARN, External ID, or the session duration has incorrect information. | Ensure that the role configuration, ARN, external ID, and session duration are correct, check AWS service status, handle exceptions properly, and consult customer contact Customer support if needed. |
...
Debug IAM Permissions
The Kafka MSK IAM Account contains an IAM debug property, which, when enabled logs the IAM credential identity in the Snaplex logsupports debugging for IAM configuration. To enable this propertyIAM debugging, you need to must update the Snaplex configuration, specifically the logging level, and define a JVM system property. When you enable IAM debugging (Global properties and Logging Level) in the Snaplex configuration, the account logs the IAM credential identity in the Snaplex log.
| Note |
|---|
Enabling the debug property might have a potential performance implication. Therefore, we recommend that you use this feature in your development environment instead of the production environment. If you need to enable this property in your production environment, we advise you to leave it enabled only until the issue is resolved and then disable it afterward. |
On the Logging tab, set the logging level to Debug.
On the Node Properties tab, define a Global Property for JVM system properties as shown below or append a value to an existing property.
Key: jcc.jvm_optionsValue: -Daws.msk.iam.debug=true
Restart the Snaplex node.
...