IAM based authentication is slower compared to SCRAM-SHA-512 #15
Comments
|
Thanks for raising this. Would it be possible to isolate whether it is the client which is taking time to generate the token, or whether it is responses from the server which are delayed? |
|
@sankalpbhatia i can see token is genrating faster, when i directly call tp.token()
|
|
I am afraid I am not able to reproduce this on my local setup. The script you shared works pretty much instantly for me on my Linux client machine. If you have access to another cluster, would it be possible to check if this issue is isolated to one cluster? If yes, Would it be possible for you to raise an AWS Support Case for this? |
|
user name password authentication
`
consumer = KafkaConsumer(
security_protocol="SASL_SSL",
sasl_mechanism="SCRAM-SHA-512",
sasl_plain_username=self.config.KAFKA_USER,
sasl_plain_password=self.config.KAFKA_PASSWORD,
bootstrap_servers=self.bootstrap_servers
)
all_topics = consumer.topics()
with iam
`
from kafka import KafkaConsumer
from aws_msk_iam_sasl_signer import MSKAuthTokenProvider
import socket
class MSKTokenProvider():
def init(self, region_name):
self.region_name = region_name
def token(self):
token, _ = MSKAuthTokenProvider.generate_auth_token(self.region_name)
return token
region_name = {aws_region}
tp = MSKTokenProvider(region_name)
consumer = KafkaConsumer(
bootstrap_servers={server},
security_protocol='SASL_SSL',
sasl_mechanism='OAUTHBEARER',
sasl_oauth_token_provider=tp,
client_id=socket.gethostname()
)
all_topics = consumer.topics()
`
`
Description
compared to SCRAM-SHA-512 , current i am based authentication is very slow, with SCRAM-SHA-512 i am able to list all topics in couple of seconds but with iam its always taking 25 to 40 seconds
What I Did
The text was updated successfully, but these errors were encountered: