f4f8b4fa67
* Update issue templates * Update PULL_REQUEST_TEMPLATE.md * Update PULL_REQUEST_TEMPLATE.md * Update stale labels * Move files, minor updates * Moved files, minor updates * Update bug_report.md * Update feature_request.md * Add roadmap document Signed-off-by: Roman Zabaluev <rzabaluev@provectus.com> * Update SECURITY.md Signed-off-by: Roman Zabaluev <rzabaluev@provectus.com> * Update stale periods Signed-off-by: Roman Zabaluev <rzabaluev@provectus.com> * Add a stub for guidelines for QA Signed-off-by: Roman Zabaluev <rzabaluev@provectus.com> * Extract building/running instructions from the readme Signed-off-by: Roman Zabaluev <rzabaluev@provectus.com> * move testing guidelines Signed-off-by: Roman Zabaluev <rzabaluev@provectus.com> * Table of contents for contributing Signed-off-by: Roman Zabaluev <rzabaluev@provectus.com> * Add license and release badges Signed-off-by: Roman Zabaluev <rzabaluev@provectus.com> * Add info about actuator endpoints Signed-off-by: Roman Zabaluev <rzabaluev@provectus.com> * Update logotype and slogan Signed-off-by: Roman Zabaluev <rzabaluev@provectus.com> * Redone contributing guide Signed-off-by: Roman Zabaluev <rzabaluev@provectus.com> * Minor updates Signed-off-by: Roman Zabaluev <rzabaluev@provectus.com>
41 lines
No EOL
1.4 KiB
Markdown
41 lines
No EOL
1.4 KiB
Markdown
# How to configure AWS IAM Authentication
|
|
|
|
UI for Apache Kafka comes with built-in [aws-msk-iam-auth](https://github.com/aws/aws-msk-iam-auth) library.
|
|
|
|
You could pass sasl configs in properties section for each cluster.
|
|
|
|
More details could be found here: [aws-msk-iam-auth](https://github.com/aws/aws-msk-iam-auth)
|
|
|
|
## Examples:
|
|
|
|
Please replace
|
|
* <KAFKA_URL> with broker list
|
|
* <PROFILE_NAME> with your aws profile
|
|
|
|
|
|
### Running From Docker Image
|
|
|
|
```sh
|
|
docker run -p 8080:8080 \
|
|
-e KAFKA_CLUSTERS_0_NAME=local \
|
|
-e KAFKA_CLUSTERS_0_BOOTSTRAPSERVERS=<KAFKA_URL> \
|
|
-e KAFKA_CLUSTERS_0_PROPERTIES_SECURITY_PROTOCOL=SASL_SSL \
|
|
-e KAFKA_CLUSTERS_0_PROPERTIES_SASL_MECHANISM=AWS_MSK_IAM \
|
|
-e KAFKA_CLUSTERS_0_PROPERTIES_SASL_CLIENT_CALLBACK_HANDLER_CLASS=software.amazon.msk.auth.iam.IAMClientCallbackHandler \
|
|
-e KAFKA_CLUSTERS_0_PROPERTIES_SASL_JAAS_CONFIG=software.amazon.msk.auth.iam.IAMLoginModule required awsProfileName="<PROFILE_NAME>"; \
|
|
-d provectuslabs/kafka-ui:latest
|
|
```
|
|
|
|
### Configuring by application.yaml
|
|
|
|
```yaml
|
|
kafka:
|
|
clusters:
|
|
- name: local
|
|
bootstrapServers: <KAFKA_URL>
|
|
properties:
|
|
security.protocol: SASL_SSL
|
|
sasl.mechanism: AWS_MSK_IAM
|
|
sasl.client.callback.handler.class: software.amazon.msk.auth.iam.IAMClientCallbackHandler
|
|
sasl.jaas.config: software.amazon.msk.auth.iam.IAMLoginModule required awsProfileName="<PROFILE_NAME>";
|
|
``` |