Last active
May 24, 2024 08:52
-
-
Save bruceoutdoors/d51720c11c2d573dc11706b9ccb35d8b to your computer and use it in GitHub Desktop.
Generate kaf (https://github.com/birdayz/kaf) configuration with AWS MSK clusters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -o errexit -o nounset -o pipefail | |
| # Generate kaf (https://github.com/birdayz/kaf) configuration with AWS MSK clusters | |
| # Usage: | |
| # # Setup new config: | |
| # AWS_PROFILE=dev ./gen-kaf-conf.sh > ~/.kaf/config && kaf config select-cluster | |
| # | |
| # # Append to existing config (tail command removes first line): | |
| # AWS_PROFILE=dev ./gen-kaf-conf.sh | tail -n+2 >> ~/.kaf/config | |
| echo "clusters: " | |
| while IFS= read -r line; do | |
| read -r name arn unauthenticated iam <<< "$line" | |
| # Just get the first broker - client is clever to figure out the rest | |
| broker=$(aws kafka get-bootstrap-brokers --cluster-arn $arn --output=text | cut -d',' -f1) | |
| # echo "** MSK name: $name ARN: $arn NoAuth: $unauthenticated IAM: $iam" >&2 | |
| echo "- name: $name" | |
| echo " brokers:" | |
| echo " - $broker" | |
| # If Unauthenticated is enabled, we skip IAM auth | |
| if [[ "$iam" == "True" && "$unauthenticated" != "True" ]]; then | |
| echo " SASL:" | |
| echo " mechanism: AWS_MSK_IAM" | |
| echo " security-protocol: SASL_SSL" | |
| fi | |
| done < <(aws kafka list-clusters-v2 --no-paginate --no-cli-pager --output=text \ | |
| --query='ClusterInfoList[*].[ClusterName, ClusterArn, Provisioned.ClientAuthentication.Unauthenticated.Enabled, Provisioned.ClientAuthentication.Sasl.Iam.Enabled]') |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment