UI for Apache Kafka
GithubDiscord
  • 🎓Overview
    • About
    • Features
    • Getting started
  • 🛣️Project
    • Code of Conduct
    • Roadmap
  • 🧱Development
    • Contributing
    • Setting up git
    • Building
      • Prerequisites
      • With Docker
      • Without Docker
    • WIP: Testing
  • ⚡Quick Start
    • 🔍Prerequisites
      • Kafka Permissions
        • Standalone Kafka ACLs
        • MSK (+Serverless) Setup
    • Demo run
    • AWS Marketplace
    • Persistent start
    • K8s / Helm
  • 🛠️Configuration
    • Configuration wizard
    • Configuration file
    • Compose examples
    • Helm charts
      • Quick start
      • Configuration
        • SSL example
      • Resource limits
      • Sticky sessions
    • Misc configuration properties
    • Complex configuration examples
      • Kraft mode + multiple brokers
    • Kafka w/ SSL
    • Authentication
      • Basic Authentication
      • OAuth2
      • AWS IAM
      • LDAP / Active Directory
      • SSO Guide
      • SASL_SCRAM
    • RBAC (Role based access control)
      • Supported Identity Providers
    • Data masking
    • Audit log
    • Serialization / SerDe
    • OpenDataDiscovery Integration
  • ❓FAQ
    • Common problems
    • FAQ
Powered by GitBook
On this page

Was this helpful?

Edit on GitHub
Export as PDF
  1. Configuration
  2. Authentication

AWS IAM

How to configure AWS IAM Authentication

PreviousOAuth2NextLDAP / Active Directory

Last updated 1 year ago

Was this helpful?

UI for Apache Kafka comes with a built-in library.

You could pass SASL configs in the properties section for each cluster.

More details could be found here:

More about permissions: MSK (+Serverless) Setup

Examples:

Please replace

  • <KAFKA_URL> with broker list

  • <PROFILE_NAME> with your AWS profile

Running From Docker Image

docker run -p 8080:8080 \
    -e KAFKA_CLUSTERS_0_NAME=local \
    -e KAFKA_CLUSTERS_0_BOOTSTRAPSERVERS=<KAFKA_URL> \
    -e KAFKA_CLUSTERS_0_PROPERTIES_SECURITY_PROTOCOL=SASL_SSL \
    -e KAFKA_CLUSTERS_0_PROPERTIES_SASL_MECHANISM=AWS_MSK_IAM \
    -e KAFKA_CLUSTERS_0_PROPERTIES_SASL_CLIENT_CALLBACK_HANDLER_CLASS=software.amazon.msk.auth.iam.IAMClientCallbackHandler \
    -e KAFKA_CLUSTERS_0_PROPERTIES_SASL_JAAS_CONFIG=software.amazon.msk.auth.iam.IAMLoginModule required awsProfileName="<PROFILE_NAME>"; \
    -d provectuslabs/kafka-ui:latest 

Configuring by application.yaml

kafka:
  clusters:
    - name: local
      bootstrapServers: <KAFKA_URL>
      properties:
        security.protocol: SASL_SSL
        sasl.mechanism: AWS_MSK_IAM
        sasl.client.callback.handler.class: software.amazon.msk.auth.iam.IAMClientCallbackHandler
        sasl.jaas.config: software.amazon.msk.auth.iam.IAMLoginModule required awsProfileName="<PROFILE_NAME>";
🛠️
aws-msk-iam-auth
aws-msk-iam-auth