EncryptionInTransitConfig

class aws_cdk.aws_msk.EncryptionInTransitConfig(*, client_broker=None, enable_in_cluster=None)

Bases: object

(experimental) The settings for encrypting data in transit.

Parameters:
  • client_broker (Optional[ClientBrokerEncryption]) – (experimental) Indicates the encryption setting for data in transit between clients and brokers. Default: - TLS

  • enable_in_cluster (Optional[bool]) – (experimental) Indicates that data communication among the broker nodes of the cluster is encrypted. Default: true

See:

https://docs.aws.amazon.com/msk/latest/developerguide/msk-encryption.html#msk-encryption-in-transit

Stability:

experimental

ExampleMetadata:

infused

Example:

# vpc: ec2.Vpc

cluster = msk.Cluster(self, "cluster",
    cluster_name="myCluster",
    kafka_version=msk.KafkaVersion.V2_8_1,
    vpc=vpc,
    encryption_in_transit=msk.EncryptionInTransitConfig(
        client_broker=msk.ClientBrokerEncryption.TLS
    ),
    client_authentication=msk.ClientAuthentication.sasl(
        scram=True
    )
)

Attributes

client_broker

(experimental) Indicates the encryption setting for data in transit between clients and brokers.

Default:
  • TLS

Stability:

experimental

enable_in_cluster

(experimental) Indicates that data communication among the broker nodes of the cluster is encrypted.

Default:

true

Stability:

experimental