Posted On: Sep 21, 2020
HAQM Managed Streaming for Apache Kafka (HAQM MSK) can now authenticate Apache Kafka clients using usernames and passwords for new clusters, secured by AWS Secrets Manager. Username and password authentication uses SASL/SCRAM (Simple Authentication and Security Layer/Salted Challenge Response Authentication Mechanism), a popular authentication mechanism supported by Apache Kafka. By storing credentials in AWS Secrets Manager, you can reduce the overhead of maintaining a traditional Apache Kafka authentication system, including: auditing, updating, and rotating client credentials. You can also centrally and securely manage credentials for multiple clusters directly from the AWS Management console. SASL/SCRAM authentication can be used in all AWS regions where MSK is available.
HAQM MSK is a fully managed service for Apache Kafka that makes it easy for you to build and run applications that use Apache Kafka as a data store. HAQM MSK is 100% compatible with Apache Kafka, which enables you to quickly migrate your existing Apache Kafka workloads to HAQM MSK with confidence or build new ones from scratch. With HAQM MSK, you spend more time innovating on applications and less time managing clusters. To learn how to get started, see the HAQM MSK Developer Guide.