CfnCluster

class aws_cdk.aws_msk.CfnCluster(scope, id, *, broker_node_group_info, cluster_name, kafka_version, number_of_broker_nodes, client_authentication=None, configuration_info=None, current_version=None, encryption_info=None, enhanced_monitoring=None, logging_info=None, open_monitoring=None, storage_mode=None, tags=None)

Bases: CfnResource

A CloudFormation AWS::MSK::Cluster.

Creates a new MSK cluster. The following Python 3.6 examples shows how you can create a cluster that’s distributed over two Availability Zones. Before you run this Python script, replace the example subnet and security-group IDs with the IDs of your subnets and security group. When you create an MSK cluster, its brokers get evenly distributed over a number of Availability Zones that’s equal to the number of subnets that you specify in the BrokerNodeGroupInfo parameter. In this example, you can add a third subnet to get a cluster that’s distributed over three Availability Zones:

import boto3 client = boto3.client('kafka') response = client.create_cluster( BrokerNodeGroupInfo={ 'BrokerAZDistribution': 'DEFAULT', 'ClientSubnets': [ 'subnet-012345678901fedcba', 'subnet-9876543210abcdef01' ], 'InstanceType': 'kafka.m5.large', 'SecurityGroups': [ 'sg-012345abcdef789789' ] }, ClusterName='SalesCluster', EncryptionInfo={ 'EncryptionInTransit': { 'ClientBroker': 'TLS_PLAINTEXT', 'InCluster': True } }, EnhancedMonitoring='PER_TOPIC_PER_BROKER', KafkaVersion='2.2.1', NumberOfBrokerNodes=2
) print(response)
CloudformationResource:

AWS::MSK::Cluster

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-msk-cluster.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

cfn_cluster = msk.CfnCluster(self, "MyCfnCluster",
    broker_node_group_info=msk.CfnCluster.BrokerNodeGroupInfoProperty(
        client_subnets=["clientSubnets"],
        instance_type="instanceType",

        # the properties below are optional
        broker_az_distribution="brokerAzDistribution",
        connectivity_info=msk.CfnCluster.ConnectivityInfoProperty(
            public_access=msk.CfnCluster.PublicAccessProperty(
                type="type"
            ),
            vpc_connectivity=msk.CfnCluster.VpcConnectivityProperty(
                client_authentication=msk.CfnCluster.VpcConnectivityClientAuthenticationProperty(
                    sasl=msk.CfnCluster.VpcConnectivitySaslProperty(
                        iam=msk.CfnCluster.VpcConnectivityIamProperty(
                            enabled=False
                        ),
                        scram=msk.CfnCluster.VpcConnectivityScramProperty(
                            enabled=False
                        )
                    ),
                    tls=msk.CfnCluster.VpcConnectivityTlsProperty(
                        enabled=False
                    )
                )
            )
        ),
        security_groups=["securityGroups"],
        storage_info=msk.CfnCluster.StorageInfoProperty(
            ebs_storage_info=msk.CfnCluster.EBSStorageInfoProperty(
                provisioned_throughput=msk.CfnCluster.ProvisionedThroughputProperty(
                    enabled=False,
                    volume_throughput=123
                ),
                volume_size=123
            )
        )
    ),
    cluster_name="clusterName",
    kafka_version="kafkaVersion",
    number_of_broker_nodes=123,

    # the properties below are optional
    client_authentication=msk.CfnCluster.ClientAuthenticationProperty(
        sasl=msk.CfnCluster.SaslProperty(
            iam=msk.CfnCluster.IamProperty(
                enabled=False
            ),
            scram=msk.CfnCluster.ScramProperty(
                enabled=False
            )
        ),
        tls=msk.CfnCluster.TlsProperty(
            certificate_authority_arn_list=["certificateAuthorityArnList"],
            enabled=False
        ),
        unauthenticated=msk.CfnCluster.UnauthenticatedProperty(
            enabled=False
        )
    ),
    configuration_info=msk.CfnCluster.ConfigurationInfoProperty(
        arn="arn",
        revision=123
    ),
    current_version="currentVersion",
    encryption_info=msk.CfnCluster.EncryptionInfoProperty(
        encryption_at_rest=msk.CfnCluster.EncryptionAtRestProperty(
            data_volume_kms_key_id="dataVolumeKmsKeyId"
        ),
        encryption_in_transit=msk.CfnCluster.EncryptionInTransitProperty(
            client_broker="clientBroker",
            in_cluster=False
        )
    ),
    enhanced_monitoring="enhancedMonitoring",
    logging_info=msk.CfnCluster.LoggingInfoProperty(
        broker_logs=msk.CfnCluster.BrokerLogsProperty(
            cloud_watch_logs=msk.CfnCluster.CloudWatchLogsProperty(
                enabled=False,

                # the properties below are optional
                log_group="logGroup"
            ),
            firehose=msk.CfnCluster.FirehoseProperty(
                enabled=False,

                # the properties below are optional
                delivery_stream="deliveryStream"
            ),
            s3=msk.CfnCluster.S3Property(
                enabled=False,

                # the properties below are optional
                bucket="bucket",
                prefix="prefix"
            )
        )
    ),
    open_monitoring=msk.CfnCluster.OpenMonitoringProperty(
        prometheus=msk.CfnCluster.PrometheusProperty(
            jmx_exporter=msk.CfnCluster.JmxExporterProperty(
                enabled_in_broker=False
            ),
            node_exporter=msk.CfnCluster.NodeExporterProperty(
                enabled_in_broker=False
            )
        )
    ),
    storage_mode="storageMode",
    tags={
        "tags_key": "tags"
    }
)

Create a new AWS::MSK::Cluster.

Parameters:
  • scope (Construct) –

    • scope in which this resource is defined.

  • id (str) –

    • scoped id of the resource.

  • broker_node_group_info (Union[BrokerNodeGroupInfoProperty, Dict[str, Any], IResolvable]) – Information about the broker nodes in the cluster.

  • cluster_name (str) – The name of the cluster.

  • kafka_version (str) – The version of Apache Kafka. You can use Amazon MSK to create clusters that use Apache Kafka versions 1.1.1 and 2.2.1.

  • number_of_broker_nodes (Union[int, float]) – The number of broker nodes in the cluster.

  • client_authentication (Union[IResolvable, ClientAuthenticationProperty, Dict[str, Any], None]) – Includes all client authentication related information.

  • configuration_info (Union[IResolvable, ConfigurationInfoProperty, Dict[str, Any], None]) – Represents the configuration that you want MSK to use for the cluster.

  • current_version (Optional[str]) – The version of the cluster that you want to update.

  • encryption_info (Union[IResolvable, EncryptionInfoProperty, Dict[str, Any], None]) – Includes all encryption-related information.

  • enhanced_monitoring (Optional[str]) – Specifies the level of monitoring for the MSK cluster. The possible values are DEFAULT , PER_BROKER , and PER_TOPIC_PER_BROKER .

  • logging_info (Union[IResolvable, LoggingInfoProperty, Dict[str, Any], None]) – Logging Info details.

  • open_monitoring (Union[IResolvable, OpenMonitoringProperty, Dict[str, Any], None]) – The settings for open monitoring.

  • storage_mode (Optional[str]) – This controls storage mode for supported storage tiers.

  • tags (Optional[Mapping[str, str]]) – Create tags when creating the cluster.

Methods

add_deletion_override(path)

Syntactic sugar for addOverride(path, undefined).

Parameters:

path (str) – The path of the value to delete.

Return type:

None

add_depends_on(target)

Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.

This can be used for resources across stacks (or nested stack) boundaries and the dependency will automatically be transferred to the relevant scope.

Parameters:

target (CfnResource)

Return type:

None

add_metadata(key, value)

Add a value to the CloudFormation Resource Metadata.

Parameters:
  • key (str)

  • value (Any)

See:

Return type:

None

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html

Note that this is a different set of metadata from CDK node metadata; this metadata ends up in the stack template under the resource, whereas CDK node metadata ends up in the Cloud Assembly.

add_override(path, value)

Adds an override to the synthesized CloudFormation resource.

To add a property override, either use addPropertyOverride or prefix path with “Properties.” (i.e. Properties.TopicName).

If the override is nested, separate each nested level using a dot (.) in the path parameter. If there is an array as part of the nesting, specify the index in the path.

To include a literal . in the property name, prefix with a \. In most programming languages you will need to write this as "\\." because the \ itself will need to be escaped.

For example:

cfn_resource.add_override("Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes", ["myattribute"])
cfn_resource.add_override("Properties.GlobalSecondaryIndexes.1.ProjectionType", "INCLUDE")

would add the overrides Example:

"Properties": {
   "GlobalSecondaryIndexes": [
     {
       "Projection": {
         "NonKeyAttributes": [ "myattribute" ]
         ...
       }
       ...
     },
     {
       "ProjectionType": "INCLUDE"
       ...
     },
   ]
   ...
}

The value argument to addOverride will not be processed or translated in any way. Pass raw JSON values in here with the correct capitalization for CloudFormation. If you pass CDK classes or structs, they will be rendered with lowercased key names, and CloudFormation will reject the template.

Parameters:
  • path (str) –

    • The path of the property, you can use dot notation to override values in complex types. Any intermdediate keys will be created as needed.

  • value (Any) –

    • The value. Could be primitive or complex.

Return type:

None

add_property_deletion_override(property_path)

Adds an override that deletes the value of a property from the resource definition.

Parameters:

property_path (str) – The path to the property.

Return type:

None

add_property_override(property_path, value)

Adds an override to a resource property.

Syntactic sugar for addOverride("Properties.<...>", value).

Parameters:
  • property_path (str) – The path of the property.

  • value (Any) – The value.

Return type:

None

apply_removal_policy(policy=None, *, apply_to_update_replace_policy=None, default=None)

Sets the deletion policy of the resource based on the removal policy specified.

The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you’ve removed it from the CDK application or because you’ve made a change that requires the resource to be replaced.

The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS account for data recovery and cleanup later (RemovalPolicy.RETAIN).

Parameters:
  • policy (Optional[RemovalPolicy])

  • apply_to_update_replace_policy (Optional[bool]) – Apply the same deletion policy to the resource’s “UpdateReplacePolicy”. Default: true

  • default (Optional[RemovalPolicy]) – The default policy to apply in case the removal policy is not defined. Default: - Default value is resource specific. To determine the default value for a resoure, please consult that specific resource’s documentation.

Return type:

None

get_att(attribute_name)

Returns a token for an runtime attribute of this resource.

Ideally, use generated attribute accessors (e.g. resource.arn), but this can be used for future compatibility in case there is no generated attribute.

Parameters:

attribute_name (str) – The name of the attribute.

Return type:

Reference

get_metadata(key)

Retrieve a value value from the CloudFormation Resource Metadata.

Parameters:

key (str)

See:

Return type:

Any

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html

Note that this is a different set of metadata from CDK node metadata; this metadata ends up in the stack template under the resource, whereas CDK node metadata ends up in the Cloud Assembly.

inspect(inspector)

Examines the CloudFormation resource and discloses attributes.

Parameters:

inspector (TreeInspector) –

  • tree inspector to collect and process attributes.

Return type:

None

override_logical_id(new_logical_id)

Overrides the auto-generated logical ID with a specific ID.

Parameters:

new_logical_id (str) – The new logical ID to use for this stack element.

Return type:

None

to_string()

Returns a string representation of this construct.

Return type:

str

Returns:

a string representation of this resource

Attributes

CFN_RESOURCE_TYPE_NAME = 'AWS::MSK::Cluster'
attr_arn

Arn

Type:

cloudformationAttribute

broker_node_group_info

Information about the broker nodes in the cluster.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-msk-cluster.html#cfn-msk-cluster-brokernodegroupinfo

cfn_options

Options for this resource, such as condition, update policy etc.

cfn_resource_type

AWS resource type.

client_authentication

Includes all client authentication related information.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-msk-cluster.html#cfn-msk-cluster-clientauthentication

cluster_name

The name of the cluster.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-msk-cluster.html#cfn-msk-cluster-clustername

configuration_info

Represents the configuration that you want MSK to use for the cluster.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-msk-cluster.html#cfn-msk-cluster-configurationinfo

creation_stack

return:

the stack trace of the point where this Resource was created from, sourced from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most node +internal+ entries filtered.

current_version

The version of the cluster that you want to update.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-msk-cluster.html#cfn-msk-cluster-currentversion

encryption_info

Includes all encryption-related information.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-msk-cluster.html#cfn-msk-cluster-encryptioninfo

enhanced_monitoring

Specifies the level of monitoring for the MSK cluster.

The possible values are DEFAULT , PER_BROKER , and PER_TOPIC_PER_BROKER .

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-msk-cluster.html#cfn-msk-cluster-enhancedmonitoring

kafka_version

The version of Apache Kafka.

You can use Amazon MSK to create clusters that use Apache Kafka versions 1.1.1 and 2.2.1.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-msk-cluster.html#cfn-msk-cluster-kafkaversion

logging_info

Logging Info details.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-msk-cluster.html#cfn-msk-cluster-logginginfo

logical_id

The logical ID for this CloudFormation stack element.

The logical ID of the element is calculated from the path of the resource node in the construct tree.

To override this value, use overrideLogicalId(newLogicalId).

Returns:

the logical ID as a stringified token. This value will only get resolved during synthesis.

node

The construct tree node associated with this construct.

number_of_broker_nodes

The number of broker nodes in the cluster.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-msk-cluster.html#cfn-msk-cluster-numberofbrokernodes

open_monitoring

The settings for open monitoring.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-msk-cluster.html#cfn-msk-cluster-openmonitoring

ref

Return a string that will be resolved to a CloudFormation { Ref } for this element.

If, by any chance, the intrinsic reference of a resource is not a string, you could coerce it to an IResolvable through Lazy.any({ produce: resource.ref }).

stack

The stack in which this element is defined.

CfnElements must be defined within a stack scope (directly or indirectly).

storage_mode

This controls storage mode for supported storage tiers.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-msk-cluster.html#cfn-msk-cluster-storagemode

tags

Create tags when creating the cluster.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-msk-cluster.html#cfn-msk-cluster-tags

Static Methods

classmethod is_cfn_element(x)

Returns true if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of instanceof to allow stack elements from different versions of this library to be included in the same stack.

Parameters:

x (Any)

Return type:

bool

Returns:

The construct as a stack element or undefined if it is not a stack element.

classmethod is_cfn_resource(construct)

Check whether the given construct is a CfnResource.

Parameters:

construct (IConstruct)

Return type:

bool

classmethod is_construct(x)

Return whether the given object is a Construct.

Parameters:

x (Any)

Return type:

bool

BrokerLogsProperty

class CfnCluster.BrokerLogsProperty(*, cloud_watch_logs=None, firehose=None, s3=None)

Bases: object

The broker logs configuration for this MSK cluster.

Parameters:
  • cloud_watch_logs (Union[IResolvable, CloudWatchLogsProperty, Dict[str, Any], None]) – Details of the CloudWatch Logs destination for broker logs.

  • firehose (Union[IResolvable, FirehoseProperty, Dict[str, Any], None]) – Details of the Kinesis Data Firehose delivery stream that is the destination for broker logs.

  • s3 (Union[IResolvable, S3Property, Dict[str, Any], None]) – Details of the Amazon S3 destination for broker logs.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-brokerlogs.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

broker_logs_property = msk.CfnCluster.BrokerLogsProperty(
    cloud_watch_logs=msk.CfnCluster.CloudWatchLogsProperty(
        enabled=False,

        # the properties below are optional
        log_group="logGroup"
    ),
    firehose=msk.CfnCluster.FirehoseProperty(
        enabled=False,

        # the properties below are optional
        delivery_stream="deliveryStream"
    ),
    s3=msk.CfnCluster.S3Property(
        enabled=False,

        # the properties below are optional
        bucket="bucket",
        prefix="prefix"
    )
)

Attributes

cloud_watch_logs

Details of the CloudWatch Logs destination for broker logs.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-brokerlogs.html#cfn-msk-cluster-brokerlogs-cloudwatchlogs

firehose

Details of the Kinesis Data Firehose delivery stream that is the destination for broker logs.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-brokerlogs.html#cfn-msk-cluster-brokerlogs-firehose

s3

Details of the Amazon S3 destination for broker logs.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-brokerlogs.html#cfn-msk-cluster-brokerlogs-s3

BrokerNodeGroupInfoProperty

class CfnCluster.BrokerNodeGroupInfoProperty(*, client_subnets, instance_type, broker_az_distribution=None, connectivity_info=None, security_groups=None, storage_info=None)

Bases: object

Describes the setup to be used for the broker nodes in the cluster.

Parameters:
  • client_subnets (Sequence[str]) – The list of subnets to connect to in the client virtual private cloud (VPC). Amazon creates elastic network interfaces inside these subnets. Client applications use elastic network interfaces to produce and consume data. If you use the US West (N. California) Region, specify exactly two subnets. For other Regions where Amazon MSK is available, you can specify either two or three subnets. The subnets that you specify must be in distinct Availability Zones. When you create a cluster, Amazon MSK distributes the broker nodes evenly across the subnets that you specify. Client subnets can’t occupy the Availability Zone with ID use1-az3 .

  • instance_type (str) – The type of Amazon EC2 instances to use for brokers. The following instance types are allowed: kafka.m5.large, kafka.m5.xlarge, kafka.m5.2xlarge, kafka.m5.4xlarge, kafka.m5.8xlarge, kafka.m5.12xlarge, kafka.m5.16xlarge, and kafka.m5.24xlarge, and kafka.t3.small.

  • broker_az_distribution (Optional[str]) – This parameter is currently not in use.

  • connectivity_info (Union[IResolvable, ConnectivityInfoProperty, Dict[str, Any], None]) – Information about the cluster’s connectivity setting.

  • security_groups (Optional[Sequence[str]]) – The security groups to associate with the elastic network interfaces in order to specify who can connect to and communicate with the Amazon MSK cluster. If you don’t specify a security group, Amazon MSK uses the default security group associated with the VPC. If you specify security groups that were shared with you, you must ensure that you have permissions to them. Specifically, you need the ec2:DescribeSecurityGroups permission.

  • storage_info (Union[IResolvable, StorageInfoProperty, Dict[str, Any], None]) – Contains information about storage volumes attached to Amazon MSK broker nodes.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-brokernodegroupinfo.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

broker_node_group_info_property = msk.CfnCluster.BrokerNodeGroupInfoProperty(
    client_subnets=["clientSubnets"],
    instance_type="instanceType",

    # the properties below are optional
    broker_az_distribution="brokerAzDistribution",
    connectivity_info=msk.CfnCluster.ConnectivityInfoProperty(
        public_access=msk.CfnCluster.PublicAccessProperty(
            type="type"
        ),
        vpc_connectivity=msk.CfnCluster.VpcConnectivityProperty(
            client_authentication=msk.CfnCluster.VpcConnectivityClientAuthenticationProperty(
                sasl=msk.CfnCluster.VpcConnectivitySaslProperty(
                    iam=msk.CfnCluster.VpcConnectivityIamProperty(
                        enabled=False
                    ),
                    scram=msk.CfnCluster.VpcConnectivityScramProperty(
                        enabled=False
                    )
                ),
                tls=msk.CfnCluster.VpcConnectivityTlsProperty(
                    enabled=False
                )
            )
        )
    ),
    security_groups=["securityGroups"],
    storage_info=msk.CfnCluster.StorageInfoProperty(
        ebs_storage_info=msk.CfnCluster.EBSStorageInfoProperty(
            provisioned_throughput=msk.CfnCluster.ProvisionedThroughputProperty(
                enabled=False,
                volume_throughput=123
            ),
            volume_size=123
        )
    )
)

Attributes

broker_az_distribution

This parameter is currently not in use.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-brokernodegroupinfo.html#cfn-msk-cluster-brokernodegroupinfo-brokerazdistribution

client_subnets

The list of subnets to connect to in the client virtual private cloud (VPC).

Amazon creates elastic network interfaces inside these subnets. Client applications use elastic network interfaces to produce and consume data.

If you use the US West (N. California) Region, specify exactly two subnets. For other Regions where Amazon MSK is available, you can specify either two or three subnets. The subnets that you specify must be in distinct Availability Zones. When you create a cluster, Amazon MSK distributes the broker nodes evenly across the subnets that you specify.

Client subnets can’t occupy the Availability Zone with ID use1-az3 .

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-brokernodegroupinfo.html#cfn-msk-cluster-brokernodegroupinfo-clientsubnets

connectivity_info

Information about the cluster’s connectivity setting.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-brokernodegroupinfo.html#cfn-msk-cluster-brokernodegroupinfo-connectivityinfo

instance_type

The type of Amazon EC2 instances to use for brokers.

The following instance types are allowed: kafka.m5.large, kafka.m5.xlarge, kafka.m5.2xlarge, kafka.m5.4xlarge, kafka.m5.8xlarge, kafka.m5.12xlarge, kafka.m5.16xlarge, and kafka.m5.24xlarge, and kafka.t3.small.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-brokernodegroupinfo.html#cfn-msk-cluster-brokernodegroupinfo-instancetype

security_groups

The security groups to associate with the elastic network interfaces in order to specify who can connect to and communicate with the Amazon MSK cluster.

If you don’t specify a security group, Amazon MSK uses the default security group associated with the VPC. If you specify security groups that were shared with you, you must ensure that you have permissions to them. Specifically, you need the ec2:DescribeSecurityGroups permission.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-brokernodegroupinfo.html#cfn-msk-cluster-brokernodegroupinfo-securitygroups

storage_info

Contains information about storage volumes attached to Amazon MSK broker nodes.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-brokernodegroupinfo.html#cfn-msk-cluster-brokernodegroupinfo-storageinfo

ClientAuthenticationProperty

class CfnCluster.ClientAuthenticationProperty(*, sasl=None, tls=None, unauthenticated=None)

Bases: object

Includes all client authentication information.

Parameters:
  • sasl (Union[IResolvable, SaslProperty, Dict[str, Any], None]) – Details for client authentication using SASL. To turn on SASL, you must also turn on EncryptionInTransit by setting inCluster to true. You must set clientBroker to either TLS or TLS_PLAINTEXT . If you choose TLS_PLAINTEXT , then you must also set unauthenticated to true.

  • tls (Union[IResolvable, TlsProperty, Dict[str, Any], None]) – Details for ClientAuthentication using TLS. To turn on TLS access control, you must also turn on EncryptionInTransit by setting inCluster to true and clientBroker to TLS .

  • unauthenticated (Union[IResolvable, UnauthenticatedProperty, Dict[str, Any], None]) – Details for ClientAuthentication using no authentication.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-clientauthentication.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

client_authentication_property = msk.CfnCluster.ClientAuthenticationProperty(
    sasl=msk.CfnCluster.SaslProperty(
        iam=msk.CfnCluster.IamProperty(
            enabled=False
        ),
        scram=msk.CfnCluster.ScramProperty(
            enabled=False
        )
    ),
    tls=msk.CfnCluster.TlsProperty(
        certificate_authority_arn_list=["certificateAuthorityArnList"],
        enabled=False
    ),
    unauthenticated=msk.CfnCluster.UnauthenticatedProperty(
        enabled=False
    )
)

Attributes

sasl

Details for client authentication using SASL.

To turn on SASL, you must also turn on EncryptionInTransit by setting inCluster to true. You must set clientBroker to either TLS or TLS_PLAINTEXT . If you choose TLS_PLAINTEXT , then you must also set unauthenticated to true.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-clientauthentication.html#cfn-msk-cluster-clientauthentication-sasl

tls

Details for ClientAuthentication using TLS.

To turn on TLS access control, you must also turn on EncryptionInTransit by setting inCluster to true and clientBroker to TLS .

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-clientauthentication.html#cfn-msk-cluster-clientauthentication-tls

unauthenticated

Details for ClientAuthentication using no authentication.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-clientauthentication.html#cfn-msk-cluster-clientauthentication-unauthenticated

CloudWatchLogsProperty

class CfnCluster.CloudWatchLogsProperty(*, enabled, log_group=None)

Bases: object

Details of the CloudWatch Logs destination for broker logs.

Parameters:
  • enabled (Union[bool, IResolvable]) – Specifies whether broker logs get sent to the specified CloudWatch Logs destination.

  • log_group (Optional[str]) – The CloudWatch log group that is the destination for broker logs.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-cloudwatchlogs.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

cloud_watch_logs_property = msk.CfnCluster.CloudWatchLogsProperty(
    enabled=False,

    # the properties below are optional
    log_group="logGroup"
)

Attributes

enabled

Specifies whether broker logs get sent to the specified CloudWatch Logs destination.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-cloudwatchlogs.html#cfn-msk-cluster-cloudwatchlogs-enabled

log_group

The CloudWatch log group that is the destination for broker logs.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-cloudwatchlogs.html#cfn-msk-cluster-cloudwatchlogs-loggroup

ConfigurationInfoProperty

class CfnCluster.ConfigurationInfoProperty(*, arn, revision)

Bases: object

Specifies the configuration to use for the brokers.

Parameters:
  • arn (str) – ARN of the configuration to use.

  • revision (Union[int, float]) – The revision of the configuration to use.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-configurationinfo.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

configuration_info_property = msk.CfnCluster.ConfigurationInfoProperty(
    arn="arn",
    revision=123
)

Attributes

arn

ARN of the configuration to use.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-configurationinfo.html#cfn-msk-cluster-configurationinfo-arn

revision

The revision of the configuration to use.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-configurationinfo.html#cfn-msk-cluster-configurationinfo-revision

ConnectivityInfoProperty

class CfnCluster.ConnectivityInfoProperty(*, public_access=None, vpc_connectivity=None)

Bases: object

Broker access controls.

Parameters:
Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-connectivityinfo.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

connectivity_info_property = msk.CfnCluster.ConnectivityInfoProperty(
    public_access=msk.CfnCluster.PublicAccessProperty(
        type="type"
    ),
    vpc_connectivity=msk.CfnCluster.VpcConnectivityProperty(
        client_authentication=msk.CfnCluster.VpcConnectivityClientAuthenticationProperty(
            sasl=msk.CfnCluster.VpcConnectivitySaslProperty(
                iam=msk.CfnCluster.VpcConnectivityIamProperty(
                    enabled=False
                ),
                scram=msk.CfnCluster.VpcConnectivityScramProperty(
                    enabled=False
                )
            ),
            tls=msk.CfnCluster.VpcConnectivityTlsProperty(
                enabled=False
            )
        )
    )
)

Attributes

public_access

Access control settings for the cluster’s brokers.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-connectivityinfo.html#cfn-msk-cluster-connectivityinfo-publicaccess

vpc_connectivity

VPC connection control settings for brokers.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-connectivityinfo.html#cfn-msk-cluster-connectivityinfo-vpcconnectivity

EBSStorageInfoProperty

class CfnCluster.EBSStorageInfoProperty(*, provisioned_throughput=None, volume_size=None)

Bases: object

Contains information about the EBS storage volumes attached to the broker nodes.

Parameters:
  • provisioned_throughput (Union[IResolvable, ProvisionedThroughputProperty, Dict[str, Any], None]) – EBS volume provisioned throughput information.

  • volume_size (Union[int, float, None]) – The size in GiB of the EBS volume for the data drive on each broker node.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-ebsstorageinfo.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

e_bSStorage_info_property = msk.CfnCluster.EBSStorageInfoProperty(
    provisioned_throughput=msk.CfnCluster.ProvisionedThroughputProperty(
        enabled=False,
        volume_throughput=123
    ),
    volume_size=123
)

Attributes

provisioned_throughput

EBS volume provisioned throughput information.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-ebsstorageinfo.html#cfn-msk-cluster-ebsstorageinfo-provisionedthroughput

volume_size

The size in GiB of the EBS volume for the data drive on each broker node.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-ebsstorageinfo.html#cfn-msk-cluster-ebsstorageinfo-volumesize

EncryptionAtRestProperty

class CfnCluster.EncryptionAtRestProperty(*, data_volume_kms_key_id)

Bases: object

The data-volume encryption details.

You can’t update encryption at rest settings for existing clusters.

Parameters:

data_volume_kms_key_id (str) – The ARN of the Amazon KMS key for encrypting data at rest. If you don’t specify a KMS key, MSK creates one for you and uses it.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-encryptionatrest.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

encryption_at_rest_property = msk.CfnCluster.EncryptionAtRestProperty(
    data_volume_kms_key_id="dataVolumeKmsKeyId"
)

Attributes

data_volume_kms_key_id

The ARN of the Amazon KMS key for encrypting data at rest.

If you don’t specify a KMS key, MSK creates one for you and uses it.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-encryptionatrest.html#cfn-msk-cluster-encryptionatrest-datavolumekmskeyid

EncryptionInTransitProperty

class CfnCluster.EncryptionInTransitProperty(*, client_broker=None, in_cluster=None)

Bases: object

The settings for encrypting data in transit.

Parameters:
  • client_broker (Optional[str]) – Indicates the encryption setting for data in transit between clients and brokers. You must set it to one of the following values. TLS means that client-broker communication is enabled with TLS only. TLS_PLAINTEXT means that client-broker communication is enabled for both TLS-encrypted, as well as plaintext data. PLAINTEXT means that client-broker communication is enabled in plaintext only. The default value is TLS .

  • in_cluster (Union[bool, IResolvable, None]) – When set to true, it indicates that data communication among the broker nodes of the cluster is encrypted. When set to false, the communication happens in plaintext. The default value is true.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-encryptionintransit.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

encryption_in_transit_property = msk.CfnCluster.EncryptionInTransitProperty(
    client_broker="clientBroker",
    in_cluster=False
)

Attributes

client_broker

Indicates the encryption setting for data in transit between clients and brokers.

You must set it to one of the following values.

TLS means that client-broker communication is enabled with TLS only.

TLS_PLAINTEXT means that client-broker communication is enabled for both TLS-encrypted, as well as plaintext data.

PLAINTEXT means that client-broker communication is enabled in plaintext only.

The default value is TLS .

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-encryptionintransit.html#cfn-msk-cluster-encryptionintransit-clientbroker

in_cluster

When set to true, it indicates that data communication among the broker nodes of the cluster is encrypted.

When set to false, the communication happens in plaintext.

The default value is true.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-encryptionintransit.html#cfn-msk-cluster-encryptionintransit-incluster

EncryptionInfoProperty

class CfnCluster.EncryptionInfoProperty(*, encryption_at_rest=None, encryption_in_transit=None)

Bases: object

Includes encryption-related information, such as the Amazon KMS key used for encrypting data at rest and whether you want MSK to encrypt your data in transit.

Parameters:
Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-encryptioninfo.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

encryption_info_property = msk.CfnCluster.EncryptionInfoProperty(
    encryption_at_rest=msk.CfnCluster.EncryptionAtRestProperty(
        data_volume_kms_key_id="dataVolumeKmsKeyId"
    ),
    encryption_in_transit=msk.CfnCluster.EncryptionInTransitProperty(
        client_broker="clientBroker",
        in_cluster=False
    )
)

Attributes

encryption_at_rest

The data-volume encryption details.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-encryptioninfo.html#cfn-msk-cluster-encryptioninfo-encryptionatrest

encryption_in_transit

The details for encryption in transit.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-encryptioninfo.html#cfn-msk-cluster-encryptioninfo-encryptionintransit

FirehoseProperty

class CfnCluster.FirehoseProperty(*, enabled, delivery_stream=None)

Bases: object

Firehose details for BrokerLogs.

Parameters:
  • enabled (Union[bool, IResolvable]) – Specifies whether broker logs get send to the specified Kinesis Data Firehose delivery stream.

  • delivery_stream (Optional[str]) – The Kinesis Data Firehose delivery stream that is the destination for broker logs.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-firehose.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

firehose_property = msk.CfnCluster.FirehoseProperty(
    enabled=False,

    # the properties below are optional
    delivery_stream="deliveryStream"
)

Attributes

delivery_stream

The Kinesis Data Firehose delivery stream that is the destination for broker logs.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-firehose.html#cfn-msk-cluster-firehose-deliverystream

enabled

Specifies whether broker logs get send to the specified Kinesis Data Firehose delivery stream.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-firehose.html#cfn-msk-cluster-firehose-enabled

IamProperty

class CfnCluster.IamProperty(*, enabled)

Bases: object

Details for SASL/IAM client authentication.

Parameters:

enabled (Union[bool, IResolvable]) – SASL/IAM authentication is enabled or not.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-iam.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

iam_property = msk.CfnCluster.IamProperty(
    enabled=False
)

Attributes

enabled

SASL/IAM authentication is enabled or not.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-iam.html#cfn-msk-cluster-iam-enabled

JmxExporterProperty

class CfnCluster.JmxExporterProperty(*, enabled_in_broker)

Bases: object

Indicates whether you want to enable or disable the JMX Exporter.

Parameters:

enabled_in_broker (Union[bool, IResolvable]) – Indicates whether you want to enable or disable the JMX Exporter.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-jmxexporter.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

jmx_exporter_property = msk.CfnCluster.JmxExporterProperty(
    enabled_in_broker=False
)

Attributes

enabled_in_broker

Indicates whether you want to enable or disable the JMX Exporter.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-jmxexporter.html#cfn-msk-cluster-jmxexporter-enabledinbroker

LoggingInfoProperty

class CfnCluster.LoggingInfoProperty(*, broker_logs)

Bases: object

You can configure your MSK cluster to send broker logs to different destination types.

This is a container for the configuration details related to broker logs.

Parameters:

broker_logs (Union[IResolvable, BrokerLogsProperty, Dict[str, Any]]) – You can configure your MSK cluster to send broker logs to different destination types. This configuration specifies the details of these destinations.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-logginginfo.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

logging_info_property = msk.CfnCluster.LoggingInfoProperty(
    broker_logs=msk.CfnCluster.BrokerLogsProperty(
        cloud_watch_logs=msk.CfnCluster.CloudWatchLogsProperty(
            enabled=False,

            # the properties below are optional
            log_group="logGroup"
        ),
        firehose=msk.CfnCluster.FirehoseProperty(
            enabled=False,

            # the properties below are optional
            delivery_stream="deliveryStream"
        ),
        s3=msk.CfnCluster.S3Property(
            enabled=False,

            # the properties below are optional
            bucket="bucket",
            prefix="prefix"
        )
    )
)

Attributes

broker_logs

You can configure your MSK cluster to send broker logs to different destination types.

This configuration specifies the details of these destinations.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-logginginfo.html#cfn-msk-cluster-logginginfo-brokerlogs

NodeExporterProperty

class CfnCluster.NodeExporterProperty(*, enabled_in_broker)

Bases: object

Indicates whether you want to enable or disable the Node Exporter.

Parameters:

enabled_in_broker (Union[bool, IResolvable]) – Indicates whether you want to enable or disable the Node Exporter.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-nodeexporter.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

node_exporter_property = msk.CfnCluster.NodeExporterProperty(
    enabled_in_broker=False
)

Attributes

enabled_in_broker

Indicates whether you want to enable or disable the Node Exporter.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-nodeexporter.html#cfn-msk-cluster-nodeexporter-enabledinbroker

OpenMonitoringProperty

class CfnCluster.OpenMonitoringProperty(*, prometheus)

Bases: object

JMX and Node monitoring for the MSK cluster.

Parameters:

prometheus (Union[IResolvable, PrometheusProperty, Dict[str, Any]]) – Prometheus exporter settings.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-openmonitoring.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

open_monitoring_property = msk.CfnCluster.OpenMonitoringProperty(
    prometheus=msk.CfnCluster.PrometheusProperty(
        jmx_exporter=msk.CfnCluster.JmxExporterProperty(
            enabled_in_broker=False
        ),
        node_exporter=msk.CfnCluster.NodeExporterProperty(
            enabled_in_broker=False
        )
    )
)

Attributes

prometheus

Prometheus exporter settings.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-openmonitoring.html#cfn-msk-cluster-openmonitoring-prometheus

PrometheusProperty

class CfnCluster.PrometheusProperty(*, jmx_exporter=None, node_exporter=None)

Bases: object

Prometheus settings for open monitoring.

Parameters:
Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-prometheus.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

prometheus_property = msk.CfnCluster.PrometheusProperty(
    jmx_exporter=msk.CfnCluster.JmxExporterProperty(
        enabled_in_broker=False
    ),
    node_exporter=msk.CfnCluster.NodeExporterProperty(
        enabled_in_broker=False
    )
)

Attributes

jmx_exporter

Indicates whether you want to enable or disable the JMX Exporter.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-prometheus.html#cfn-msk-cluster-prometheus-jmxexporter

node_exporter

Indicates whether you want to enable or disable the Node Exporter.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-prometheus.html#cfn-msk-cluster-prometheus-nodeexporter

ProvisionedThroughputProperty

class CfnCluster.ProvisionedThroughputProperty(*, enabled=None, volume_throughput=None)

Bases: object

Contains information about provisioned throughput for EBS storage volumes attached to kafka broker nodes.

Parameters:
  • enabled (Union[bool, IResolvable, None]) – Provisioned throughput is enabled or not.

  • volume_throughput (Union[int, float, None]) – Throughput value of the EBS volumes for the data drive on each kafka broker node in MiB per second.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-provisionedthroughput.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

provisioned_throughput_property = msk.CfnCluster.ProvisionedThroughputProperty(
    enabled=False,
    volume_throughput=123
)

Attributes

enabled

Provisioned throughput is enabled or not.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-provisionedthroughput.html#cfn-msk-cluster-provisionedthroughput-enabled

volume_throughput

Throughput value of the EBS volumes for the data drive on each kafka broker node in MiB per second.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-provisionedthroughput.html#cfn-msk-cluster-provisionedthroughput-volumethroughput

PublicAccessProperty

class CfnCluster.PublicAccessProperty(*, type=None)

Bases: object

Broker access controls.

Parameters:

type (Optional[str]) – DISABLED means that public access is turned off. SERVICE_PROVIDED_EIPS means that public access is turned on.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-publicaccess.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

public_access_property = msk.CfnCluster.PublicAccessProperty(
    type="type"
)

Attributes

type

DISABLED means that public access is turned off.

SERVICE_PROVIDED_EIPS means that public access is turned on.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-publicaccess.html#cfn-msk-cluster-publicaccess-type

S3Property

class CfnCluster.S3Property(*, enabled, bucket=None, prefix=None)

Bases: object

The details of the Amazon S3 destination for broker logs.

Parameters:
  • enabled (Union[bool, IResolvable]) – Specifies whether broker logs get sent to the specified Amazon S3 destination.

  • bucket (Optional[str]) – The name of the S3 bucket that is the destination for broker logs.

  • prefix (Optional[str]) – The S3 prefix that is the destination for broker logs.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-s3.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

s3_property = msk.CfnCluster.S3Property(
    enabled=False,

    # the properties below are optional
    bucket="bucket",
    prefix="prefix"
)

Attributes

bucket

The name of the S3 bucket that is the destination for broker logs.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-s3.html#cfn-msk-cluster-s3-bucket

enabled

Specifies whether broker logs get sent to the specified Amazon S3 destination.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-s3.html#cfn-msk-cluster-s3-enabled

prefix

The S3 prefix that is the destination for broker logs.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-s3.html#cfn-msk-cluster-s3-prefix

SaslProperty

class CfnCluster.SaslProperty(*, iam=None, scram=None)

Bases: object

Details for client authentication using SASL.

To turn on SASL, you must also turn on EncryptionInTransit by setting inCluster to true. You must set clientBroker to either TLS or TLS_PLAINTEXT . If you choose TLS_PLAINTEXT , then you must also set unauthenticated to true.

Parameters:
Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-sasl.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

sasl_property = msk.CfnCluster.SaslProperty(
    iam=msk.CfnCluster.IamProperty(
        enabled=False
    ),
    scram=msk.CfnCluster.ScramProperty(
        enabled=False
    )
)

Attributes

iam

Details for ClientAuthentication using IAM.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-sasl.html#cfn-msk-cluster-sasl-iam

scram

Details for SASL/SCRAM client authentication.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-sasl.html#cfn-msk-cluster-sasl-scram

ScramProperty

class CfnCluster.ScramProperty(*, enabled)

Bases: object

Details for SASL/SCRAM client authentication.

Parameters:

enabled (Union[bool, IResolvable]) – SASL/SCRAM authentication is enabled or not.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-scram.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

scram_property = msk.CfnCluster.ScramProperty(
    enabled=False
)

Attributes

enabled

SASL/SCRAM authentication is enabled or not.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-scram.html#cfn-msk-cluster-scram-enabled

StorageInfoProperty

class CfnCluster.StorageInfoProperty(*, ebs_storage_info=None)

Bases: object

Contains information about storage volumes attached to Amazon MSK broker nodes.

Parameters:

ebs_storage_info (Union[IResolvable, EBSStorageInfoProperty, Dict[str, Any], None]) – EBS volume information.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-storageinfo.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

storage_info_property = msk.CfnCluster.StorageInfoProperty(
    ebs_storage_info=msk.CfnCluster.EBSStorageInfoProperty(
        provisioned_throughput=msk.CfnCluster.ProvisionedThroughputProperty(
            enabled=False,
            volume_throughput=123
        ),
        volume_size=123
    )
)

Attributes

ebs_storage_info

EBS volume information.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-storageinfo.html#cfn-msk-cluster-storageinfo-ebsstorageinfo

TlsProperty

class CfnCluster.TlsProperty(*, certificate_authority_arn_list=None, enabled=None)

Bases: object

Details for client authentication using TLS.

Parameters:
  • certificate_authority_arn_list (Optional[Sequence[str]]) – List of AWS Private CA ARNs.

  • enabled (Union[bool, IResolvable, None]) – TLS authentication is enabled or not.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-tls.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

tls_property = msk.CfnCluster.TlsProperty(
    certificate_authority_arn_list=["certificateAuthorityArnList"],
    enabled=False
)

Attributes

certificate_authority_arn_list

List of AWS Private CA ARNs.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-tls.html#cfn-msk-cluster-tls-certificateauthorityarnlist

enabled

TLS authentication is enabled or not.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-tls.html#cfn-msk-cluster-tls-enabled

UnauthenticatedProperty

class CfnCluster.UnauthenticatedProperty(*, enabled)

Bases: object

Details for allowing no client authentication.

Parameters:

enabled (Union[bool, IResolvable]) – Unauthenticated is enabled or not.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-unauthenticated.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

unauthenticated_property = msk.CfnCluster.UnauthenticatedProperty(
    enabled=False
)

Attributes

enabled

Unauthenticated is enabled or not.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-unauthenticated.html#cfn-msk-cluster-unauthenticated-enabled

VpcConnectivityClientAuthenticationProperty

class CfnCluster.VpcConnectivityClientAuthenticationProperty(*, sasl=None, tls=None)

Bases: object

Includes all client authentication information for VpcConnectivity.

Parameters:
Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-vpcconnectivityclientauthentication.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

vpc_connectivity_client_authentication_property = msk.CfnCluster.VpcConnectivityClientAuthenticationProperty(
    sasl=msk.CfnCluster.VpcConnectivitySaslProperty(
        iam=msk.CfnCluster.VpcConnectivityIamProperty(
            enabled=False
        ),
        scram=msk.CfnCluster.VpcConnectivityScramProperty(
            enabled=False
        )
    ),
    tls=msk.CfnCluster.VpcConnectivityTlsProperty(
        enabled=False
    )
)

Attributes

sasl

Details for VpcConnectivity ClientAuthentication using SASL.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-vpcconnectivityclientauthentication.html#cfn-msk-cluster-vpcconnectivityclientauthentication-sasl

tls

Details for VpcConnectivity ClientAuthentication using TLS.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-vpcconnectivityclientauthentication.html#cfn-msk-cluster-vpcconnectivityclientauthentication-tls

VpcConnectivityIamProperty

class CfnCluster.VpcConnectivityIamProperty(*, enabled)

Bases: object

Details for SASL/IAM client authentication for VpcConnectivity.

Parameters:

enabled (Union[bool, IResolvable]) – SASL/IAM authentication is enabled or not.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-vpcconnectivityiam.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

vpc_connectivity_iam_property = msk.CfnCluster.VpcConnectivityIamProperty(
    enabled=False
)

Attributes

enabled

SASL/IAM authentication is enabled or not.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-vpcconnectivityiam.html#cfn-msk-cluster-vpcconnectivityiam-enabled

VpcConnectivityProperty

class CfnCluster.VpcConnectivityProperty(*, client_authentication=None)

Bases: object

VPC connection control settings for brokers.

Parameters:

client_authentication (Union[IResolvable, VpcConnectivityClientAuthenticationProperty, Dict[str, Any], None]) – VPC connection control settings for brokers.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-vpcconnectivity.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

vpc_connectivity_property = msk.CfnCluster.VpcConnectivityProperty(
    client_authentication=msk.CfnCluster.VpcConnectivityClientAuthenticationProperty(
        sasl=msk.CfnCluster.VpcConnectivitySaslProperty(
            iam=msk.CfnCluster.VpcConnectivityIamProperty(
                enabled=False
            ),
            scram=msk.CfnCluster.VpcConnectivityScramProperty(
                enabled=False
            )
        ),
        tls=msk.CfnCluster.VpcConnectivityTlsProperty(
            enabled=False
        )
    )
)

Attributes

client_authentication

VPC connection control settings for brokers.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-vpcconnectivity.html#cfn-msk-cluster-vpcconnectivity-clientauthentication

VpcConnectivitySaslProperty

class CfnCluster.VpcConnectivitySaslProperty(*, iam=None, scram=None)

Bases: object

Details for client authentication using SASL for VpcConnectivity.

Parameters:
Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-vpcconnectivitysasl.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

vpc_connectivity_sasl_property = msk.CfnCluster.VpcConnectivitySaslProperty(
    iam=msk.CfnCluster.VpcConnectivityIamProperty(
        enabled=False
    ),
    scram=msk.CfnCluster.VpcConnectivityScramProperty(
        enabled=False
    )
)

Attributes

iam

Details for ClientAuthentication using IAM for VpcConnectivity.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-vpcconnectivitysasl.html#cfn-msk-cluster-vpcconnectivitysasl-iam

scram

Details for SASL/SCRAM client authentication for VpcConnectivity.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-vpcconnectivitysasl.html#cfn-msk-cluster-vpcconnectivitysasl-scram

VpcConnectivityScramProperty

class CfnCluster.VpcConnectivityScramProperty(*, enabled)

Bases: object

Details for SASL/SCRAM client authentication for vpcConnectivity.

Parameters:

enabled (Union[bool, IResolvable]) – SASL/SCRAM authentication is enabled or not.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-vpcconnectivityscram.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

vpc_connectivity_scram_property = msk.CfnCluster.VpcConnectivityScramProperty(
    enabled=False
)

Attributes

enabled

SASL/SCRAM authentication is enabled or not.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-vpcconnectivityscram.html#cfn-msk-cluster-vpcconnectivityscram-enabled

VpcConnectivityTlsProperty

class CfnCluster.VpcConnectivityTlsProperty(*, enabled)

Bases: object

Details for client authentication using TLS for vpcConnectivity.

Parameters:

enabled (Union[bool, IResolvable]) – TLS authentication is enabled or not.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-vpcconnectivitytls.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_msk as msk

vpc_connectivity_tls_property = msk.CfnCluster.VpcConnectivityTlsProperty(
    enabled=False
)

Attributes

enabled

TLS authentication is enabled or not.

Link:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-vpcconnectivitytls.html#cfn-msk-cluster-vpcconnectivitytls-enabled