-
Notifications
You must be signed in to change notification settings - Fork 195
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Updated Kafka security configuration #2994
Conversation
Signed-off-by: Krishna Kondaka <[email protected]>
Signed-off-by: Krishna Kondaka <[email protected]>
.../src/main/java/org/opensearch/dataprepper/plugins/kafka/configuration/KafkaSourceConfig.java
Outdated
Show resolved
Hide resolved
return plainTextAuthConfig; | ||
@AssertTrue(message = "Only one of SSL or SASL auth config must be specified") | ||
public boolean hasSaslOrSslConfig() { | ||
return Stream.of(sslAuthConfig, saslAuthConfig).filter(n -> n!=null).count() == 1; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
should we have a similar check on sasl_mechanism as well? I guess only one of the mechanisms should be specified.
...-plugins/src/main/java/org/opensearch/dataprepper/plugins/kafka/configuration/AwsConfig.java
Outdated
Show resolved
Hide resolved
Signed-off-by: Krishna Kondaka <[email protected]>
Signed-off-by: Krishna Kondaka <[email protected]>
if (awsIamAuthConfig == AwsIamAuthConfig.ROLE) { | ||
properties.put("sasl.jaas.config", | ||
"software.amazon.msk.auth.iam.IAMLoginModule required " + | ||
"awsRoleArn=\"" + awsConfig.getStsRoleArn()+ | ||
"\" awsStsRegion=\""+ awsConfig.getRegion()+"\";"); | ||
} else if (awsIamAuthConfig == AwsIamAuthConfig.DEFAULT) { | ||
properties.put("sasl.jaas.config", | ||
"software.amazon.msk.auth.iam.IAMLoginModule required;"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you explain what these properties are?
* Add Kafka Security Configurations Signed-off-by: Krishna Kondaka <[email protected]> * Modified kafka security config. Added new fields to AwsConfig Signed-off-by: Krishna Kondaka <[email protected]> * Addressed review comments Signed-off-by: Krishna Kondaka <[email protected]> * Modified AwsConfig to have msk option that can take multiple options Signed-off-by: Krishna Kondaka <[email protected]> --------- Signed-off-by: Krishna Kondaka <[email protected]> Co-authored-by: Krishna Kondaka <[email protected]> Signed-off-by: George Chen <[email protected]>
Description
Updated Kafka security configuration.
Issues Resolved
[List any issues this PR will resolve]
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.