feat(msk): support ServerlessCluster #32780
Conversation
github-actions
bot
added
effort/medium
There was a problem hiding this comment.
The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.
A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.
mazyu36
force-pushed
the
msk-serverless
branch
from
b5f1c88 to
6147f11
Compare
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #32780 +/- ##
=======================================
Coverage 80.84% 80.84%
=======================================
Files 236 236
Lines 14230 14230
Branches 2487 2487
=======================================
Hits 11504 11504
Misses 2442 2442
Partials 284 284
Flags with carried forward coverage won't be shown. Click here to find out more.
|
aws-cdk-automation
dismissed
their stale review
✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.
| clientAuthentication: { | ||
| sasl: { | ||
| iam: { | ||
| enabled: true, |
There was a problem hiding this comment.
This property is required and cannot be false.
I tried deploying with enabled set to false, but the deployment failed with the following error:
A serverless cluster must use SASL/IAM authentication. (Service: Kafka, Status Code: 400, Request ID...As a result, I have decided not to expose this property.
There was a problem hiding this comment.
Thank you for your information.
All the CloudFormation documents are useless, and I wish something could be done about it.
There was a problem hiding this comment.
Can we add a TODO or some sort of comment here? My concern is that MSK team fix this issue and in the future if it supports IAM as disabled but something else as enabled, we know that this section of code needs to be updated.
There was a problem hiding this comment.
@GavinZZ
Thank you. I have added a TODO comment.
Since MSK Serverless currently only supports IAM authentication, the inability to disable it seems to be the expected behavior.
https://docs.aws.amazon.com/msk/latest/developerguide/serverless.html
MSK Serverless requires IAM access control for all clusters. Apache Kafka access control lists (ACLs) are not supported.
If additional authentication methods are supported in the future, it may become possible to disable it.
aws-cdk-automation
added
the
pr/needs-community-review
| clientAuthentication: { | ||
| sasl: { | ||
| iam: { | ||
| enabled: true, |
There was a problem hiding this comment.
Thank you for your information.
All the CloudFormation documents are useless, and I wish something could be done about it.
aws-cdk-automation
removed
the
pr/needs-community-review
Co-authored-by: Kazuho Cryer-Shinozuka <[email protected]>
aws-cdk-automation
added
the
pr/needs-maintainer-review
|
@GavinZZ |
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
aws-cdk-automation
removed
the
pr/needs-maintainer-review
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
|
@Mergifyio update |
☑️ Nothing to do
|
|
@Mergifyio refresh |
✅ Pull request refreshed |
|
@Mergifyio requeue |
❌ Command disallowed due to command restrictions in the Mergify configuration.
|
|
@Mergifyio update |
✅ Branch has been successfully updated |
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
|
@mergify update |
✅ Branch has been successfully updated |
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
|
Comments on closed issues and PRs are hard for our team to see. |
Issue # (if applicable)
Closes #28709.
Reason for this change
L2 Construct for MSK Serverless is not supported.
Description of changes
Add
ServerlessClusterclass.Describe any new or updated permissions being added
Nothing
Description of how you validated changes
Add unit tests and integ test.
Checklist
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license