Our support for AWS IAM authentication to Amazon MSK is now generally available, allowing users the option of authenticating to their MSK clusters via AWS IAM role assumption rather than through static credentials.
-- Create an AWS connection object to AWS referencing your IAM role
CREATE CONNECTION aws_msk TO AWS (
-- Replace <account-id> with the 12-digit number that identifies your AWS
-- account, and <role> with the name of the IAM role you want Materialize to
-- assume.
ASSUME ROLE ARN = 'arn:aws:iam::<account-id>:role/<role>'
);
-- Now connect Materialize to Kafka!
CREATE CONNECTION kafka_msk TO KAFKA (
BROKER 'msk.mycorp.com:9092',
-- To use IAM authentication, the security protocol must be
-- SASL_PLAINTEXT or SASL_SSL.
SECURITY PROTOCOL = 'SASL_SSL',
AWS CONNECTION = aws_msk
);See our full documentation for how to connect to Amazon MSK with IAM.