Skip to main content

Configuring Amazon Managed Streaming for Apache Kafka provider

There are two possible topologies when using Private Link with MSK:

Using a different PrivateLink for each MSK broker
Using a single PrivateLink for all the brokers

For more discussion of these topologies, see AWS Big Data Blog > Secure connectivity patterns to access MSK.

To create AWS PrivateLink for Amazon MSK, create a VPC endpoint with the following properties:

Service Category: Other endpoint services.
Service Setting: provide the endpoint service name found in VPC > Endpoint Services > Service Name.
VPC: the destination VPC.

Note

Make sure the Enable DNS Hostname option is enabled in your VPC.

Routing users to your application

Amazon Route 53 is a a reliable and cost-effective way to route end users to Internet applications.

Configure the hosted zone in Amazon Route 53:

Create a Route 53 hosted zone for kafka.<region>.amazonaws.com if it does not exist.
Create a Route 53 record which maps the VPC endpoint URL to the broker URL name.

Would you like to provide feedback? Just click here to suggest edits.