Cluster Operation - Amazon Managed Streaming for Apache Kafka
URIHTTP methodsSchemasPropertiesSee also

Cluster Operation

Represents an operation that was performed on an MSK cluster.

URI

/v1/operations/clusterOperationArn

HTTP methods

GET

Operation ID: DescribeClusterOperation

Returns a description of the cluster operation specified by the Amazon Resource Name (ARN).

Path parameters
NameTypeRequiredDescription
clusterOperationArnStringTrue

The Amazon Resource Name (ARN) that uniquely identifies the MSK cluster operation.

Responses
Status codeResponse modelDescription
200 DescribeClusterOperationResponse

200 response

400Error

The request isn't valid because the input is incorrect. Correct your input and then submit it again.

401Error

The request is not authorized. The provided credentials couldn't be validated.

403Error

Access forbidden. Check your credentials and then retry your request.

404Error

The resource could not be found due to incorrect input. Correct the input, then retry the request.

429Error

429 response

500Error

There was an unexpected internal server error. Retrying your request might resolve the issue.

503Error

503 response

OPTIONS

Enable CORS by returning the correct headers.

Path parameters
NameTypeRequiredDescription
clusterOperationArnStringTrue

The Amazon Resource Name (ARN) that uniquely identifies the MSK cluster operation.

Responses
Status codeResponse modelDescription
200None

Default response for CORS method

Schemas

Response bodies

{
  "clusterOperationInfo": {
    "clientRequestId": "string",
    "clusterArn": "string",
    "creationTime": "string",
    "endTime": "string",
    "errorInfo": {
      "errorCode": "string",
      "errorString": "string"
    },
    "operationArn": "string",
    "operationState": "string",
    "operationSteps": [
      {
        "stepInfo": {
          "stepStatus": "string"
        },
        "stepName": "string"
      }
    ],
    "operationType": "string",
    "sourceClusterInfo": {
      "brokerCountUpdateInfo": {
        "createdBrokerIds": [
          number
        ],
        "deletedBrokerIds": [
          number
        ]
      },
      "brokerEBSVolumeInfo": [
        {
          "kafkaBrokerNodeId": "string",
          "provisionedThroughput": {
            "enabled": boolean,
            "volumeThroughput": integer
          },
          "volumeSizeGB": integer
        }
      ],
      "clientAuthentication": {
        "sasl": {
          "iam": {
            "enabled": boolean
          },
          "scram": {
            "enabled": boolean
          }
        },
        "tls": {
          "certificateAuthorityArnList": [
            "string"
          ],
          "enabled": boolean
        },
        "unauthenticated": {
          "enabled": boolean
        }
      },
      "configurationInfo": {
        "arn": "string",
        "revision": integer
      },
      "connectivityInfo": {
        "publicAccess": {
          "type": "string"
        },
        "vpcConnectivity": {
          "clientAuthentication": {
            "sasl": {
              "iam": {
                "enabled": boolean
              },
              "scram": {
                "enabled": boolean
              }
            },
            "tls": {
              "enabled": boolean
            }
          }
        }
      },
      "encryptionInfo": {
        "encryptionAtRest": {
          "dataVolumeKMSKeyId": "string"
        },
        "encryptionInTransit": {
          "clientBroker": enum,
          "inCluster": boolean
        }
      },
      "enhancedMonitoring": enum,
      "instanceType": "string",
      "kafkaVersion": "string",
      "loggingInfo": {
        "brokerLogs": {
          "cloudWatchLogs": {
            "enabled": boolean,
            "logGroup": "string"
          },
          "firehose": {
            "deliveryStream": "string",
            "enabled": boolean
          },
          "s3": {
            "bucket": "string",
            "enabled": boolean,
            "prefix": "string"
          }
        }
      },
      "numberOfBrokerNodes": integer,
      "openMonitoring": {
        "prometheus": {
          "jmxExporter": {
            "enabledInBroker": boolean
          },
          "nodeExporter": {
            "enabledInBroker": boolean
          }
        }
      },
      "storageMode": enum
    },
    "targetClusterInfo": {
      "brokerCountUpdateInfo": {
        "createdBrokerIds": [
          number
        ],
        "deletedBrokerIds": [
          number
        ]
      },
      "brokerEBSVolumeInfo": [
        {
          "kafkaBrokerNodeId": "string",
          "provisionedThroughput": {
            "enabled": boolean,
            "volumeThroughput": integer
          },
          "volumeSizeGB": integer
        }
      ],
      "clientAuthentication": {
        "sasl": {
          "iam": {
            "enabled": boolean
          },
          "scram": {
            "enabled": boolean
          }
        },
        "tls": {
          "certificateAuthorityArnList": [
            "string"
          ],
          "enabled": boolean
        },
        "unauthenticated": {
          "enabled": boolean
        }
      },
      "configurationInfo": {
        "arn": "string",
        "revision": integer
      },
      "connectivityInfo": {
        "publicAccess": {
          "type": "string"
        },
        "vpcConnectivity": {
          "clientAuthentication": {
            "sasl": {
              "iam": {
                "enabled": boolean
              },
              "scram": {
                "enabled": boolean
              }
            },
            "tls": {
              "enabled": boolean
            }
          }
        }
      },
      "encryptionInfo": {
        "encryptionAtRest": {
          "dataVolumeKMSKeyId": "string"
        },
        "encryptionInTransit": {
          "clientBroker": enum,
          "inCluster": boolean
        }
      },
      "enhancedMonitoring": enum,
      "instanceType": "string",
      "kafkaVersion": "string",
      "loggingInfo": {
        "brokerLogs": {
          "cloudWatchLogs": {
            "enabled": boolean,
            "logGroup": "string"
          },
          "firehose": {
            "deliveryStream": "string",
            "enabled": boolean
          },
          "s3": {
            "bucket": "string",
            "enabled": boolean,
            "prefix": "string"
          }
        }
      },
      "numberOfBrokerNodes": integer,
      "openMonitoring": {
        "prometheus": {
          "jmxExporter": {
            "enabledInBroker": boolean
          },
          "nodeExporter": {
            "enabledInBroker": boolean
          }
        }
      },
      "storageMode": enum
    },
    "vpcConnectionInfo": {
      "creationTime": "string",
      "owner": "string",
      "userIdentity": {
        "principalId": "string",
        "type": enum
      },
      "vpcConnectionArn": "string"
    }
  }
}
{
  "invalidParameter": "string",
  "message": "string"
}

Properties

BrokerCountUpdateInfo

Contains the list of broker ids being changed during a broker count update.

PropertyTypeRequiredDescription
createdBrokerIds

Array of type number

False

List of Kafka Broker IDs being created. If operation is INCREASE_BROKER_COUNT, the list contains numeric ids of brokers added by the operation.

deletedBrokerIds

Array of type number

False

List of Kafka Broker IDs being deleted. If operation is DECREASE_BROKER_COUNT, the list contains numeric ids of brokers removed by the operation.

BrokerEBSVolumeInfo

Specifies the EBS volume upgrade information. The broker identifier must be set to the keyword ALL. This means the changes apply to all the brokers in the cluster.

PropertyTypeRequiredDescription
kafkaBrokerNodeId

string

True

The ID of the broker to update. The only allowed value is ALL. This means that Amazon MSK applies the same storage update to all broker nodes.

provisionedThroughput

ProvisionedThroughput

False

EBS volume provisioned throughput information.

volumeSizeGB

integer

False

Size of the EBS volume to update.

BrokerLogs

The broker logs configuration for this MSK cluster.

PropertyTypeRequiredDescription
cloudWatchLogs

CloudWatchLogs

False

Details of the CloudWatch Logs destination for broker logs.

firehose

Firehose

False

Details of the Kinesis Data Firehose delivery stream that is the destination for broker logs.

s3

S3

False

Details of the Amazon S3 destination for broker logs.

ClientAuthentication

Includes all client authentication information.

PropertyTypeRequiredDescription
sasl

Sasl

False

Details for client authentication using SASL. To turn on SASL, you must also turn on EncryptionInTransit by setting inCluster to true. You must set clientBroker to either TLS or TLS_PLAINTEXT. If you choose TLS_PLAINTEXT, then you must also set unauthenticated to true.

tls

Tls

False

Details for ClientAuthentication using TLS. To turn on TLS access control, you must also turn on EncryptionInTransit by setting inCluster to true and clientBroker to TLS.

unauthenticated

Unauthenticated

False

Details for ClientAuthentication using no authentication.

ClientBroker

Client-broker encryption in transit setting.

  • TLS

  • TLS_PLAINTEXT

  • PLAINTEXT

CloudWatchLogs

Details of the CloudWatch Logs destination for broker logs.

PropertyTypeRequiredDescription
enabled

boolean

True

Specifies whether broker logs get sent to the specified CloudWatch Logs destination.

logGroup

string

False

The CloudWatch log group that is the destination for broker logs.

ClusterOperationInfo

Returns information about a cluster operation.

PropertyTypeRequiredDescription
clientRequestId

string

False

The ID of the API request that triggered this operation.

clusterArn

string

False

ARN of the cluster.

creationTime

string

False

The time that the operation was created.

endTime

string

False

The time at which the operation finished.

errorInfo

ErrorInfo

False

Describes the error if the operation fails.

operationArn

string

False

ARN of the cluster operation.

operationState

string

False

State of the cluster operation.

operationSteps

Array of type ClusterOperationStep

False

Steps completed during the operation.

operationType

string

False

Type of the cluster operation.

sourceClusterInfo

MutableClusterInfo

False

Information about cluster attributes before a cluster is updated.

targetClusterInfo

MutableClusterInfo

False

Information about cluster attributes after a cluster is updated.

vpcConnectionInfo

VpcConnectionInfo

False

Description of the VPC connection for CreateVpcConnection and DeleteVpcConnection operations.

ClusterOperationStep

Step taken during a cluster operation.

PropertyTypeRequiredDescription
stepInfo

ClusterOperationStepInfo

False

Information about the step and its status.

stepName

string

False

The name of the step.

ClusterOperationStepInfo

Information about a step in an operation.

PropertyTypeRequiredDescription
stepStatus

string

False

The step's current status.

ConfigurationInfo

Specifies the configuration to use for the brokers.

PropertyTypeRequiredDescription
arn

string

True

ARN of the configuration to use.

revision

integer

Format: int64

Minimum: 1

True

The revision of the configuration to use.

ConnectivityInfo

Broker access controls.

PropertyTypeRequiredDescription
publicAccess

PublicAccess

False

Access control settings for the cluster's brokers.

vpcConnectivity

VpcConnectivity

False

VPC connection control settings for brokers

DescribeClusterOperationResponse

Information about a cluster operation.

PropertyTypeRequiredDescription
clusterOperationInfo

ClusterOperationInfo

False

Cluster operation information

EncryptionAtRest

The data-volume encryption details. You can't update encryption at rest settings for existing clusters.

PropertyTypeRequiredDescription
dataVolumeKMSKeyId

string

True

The Amazon Resource Name (ARN) of the Amazon KMS key for encrypting data at rest. If you don't specify a KMS key, MSK creates one for you and uses it.

EncryptionInTransit

The settings for encrypting data in transit.

PropertyTypeRequiredDescription
clientBroker

ClientBroker

False

Indicates the encryption setting for data in transit between clients and brokers. You must set it to one of the following values.

TLS means that client-broker communication is enabled with TLS only.

TLS_PLAINTEXT means that client-broker communication is enabled for both TLS-encrypted, as well as plaintext data.

PLAINTEXT means that client-broker communication is enabled in plaintext only.

The default value is TLS.

inCluster

boolean

False

When set to true, it indicates that data communication among the broker nodes of the cluster is encrypted. When set to false, the communication happens in plaintext.

The default value is true.

EncryptionInfo

Includes encryption-related information, such as the Amazon KMS key used for encrypting data at rest and whether you want MSK to encrypt your data in transit.

PropertyTypeRequiredDescription
encryptionAtRest

EncryptionAtRest

False

The data-volume encryption details.

encryptionInTransit

EncryptionInTransit

False

The details for encryption in transit.

EnhancedMonitoring

Specifies which Apache Kafka metrics Amazon MSK gathers and sends to Amazon CloudWatch for this cluster. This property has three possible values: DEFAULT, PER_BROKER, and PER_TOPIC_PER_BROKER. For a list of the metrics associated with each of these three levels of monitoring, see Monitoring.

  • DEFAULT

  • PER_BROKER

  • PER_TOPIC_PER_BROKER

  • PER_TOPIC_PER_PARTITION

Error

Returns information about an error.

PropertyTypeRequiredDescription
invalidParameter

string

False

The parameter that caused the error.

message

string

False

The description of the error.

ErrorInfo

Returns information about an error state of the cluster.

PropertyTypeRequiredDescription
errorCode

string

False

A number describing the error programmatically.

errorString

string

False

An optional field to provide more details about the error.

Firehose

Firehose details for BrokerLogs.

PropertyTypeRequiredDescription
deliveryStream

string

False

The Kinesis Data Firehose delivery stream that is the destination for broker logs.

enabled

boolean

True

Specifies whether broker logs get sent to the specified Kinesis Data Firehose delivery stream.

IAM

Details for SASL/IAM client authentication.

PropertyTypeRequiredDescription
enabled

boolean

False

SASL/IAM authentication is enabled or not.

JmxExporter

Indicates whether you want to enable or disable the JMX Exporter.

PropertyTypeRequiredDescription
enabledInBroker

boolean

True

Indicates whether you want to enable or disable the JMX Exporter.

LoggingInfo

You can configure your MSK cluster to send broker logs to different destination types. This is a container for the configuration details related to broker logs.

PropertyTypeRequiredDescription
brokerLogs

BrokerLogs

True

You can configure your MSK cluster to send broker logs to different destination types. This configuration specifies the details of these destinations.

MutableClusterInfo

Information about cluster attributes that can be updated via update APIs.

PropertyTypeRequiredDescription
brokerCountUpdateInfo

BrokerCountUpdateInfo

False

Describes brokers being changed during a broker count update.

brokerEBSVolumeInfo

Array of type BrokerEBSVolumeInfo

False

Specifies the size of the EBS volume and the ID of the associated broker.

clientAuthentication

ClientAuthentication

False

Client Authentication details.

configurationInfo

ConfigurationInfo

False

Information about the changes in the configuration of the brokers.

connectivityInfo

ConnectivityInfo

False

Defines the connectivity setting of the cluster.

encryptionInfo

EncryptionInfo

False

Encryption details.

enhancedMonitoring

EnhancedMonitoring

False

The monitoring level.

instanceType

string

False

The broker type.

kafkaVersion

string

False

The Apache Kafka version.

loggingInfo

LoggingInfo

False

LoggingInfo details.

numberOfBrokerNodes

integer

False

The number of broker nodes in the cluster.

openMonitoring

OpenMonitoring

False

Open monitoring details.

storageMode

StorageMode

False

This controls storage mode for supported storage tiers.

NodeExporter

Indicates whether you want to enable or disable the Node Exporter.

PropertyTypeRequiredDescription
enabledInBroker

boolean

True

Indicates whether you want to enable or disable the Node Exporter.

OpenMonitoring

JMX and Node monitoring for the MSK cluster.

PropertyTypeRequiredDescription
prometheus

Prometheus

True

Prometheus exporter settings.

Prometheus

Prometheus settings for open monitoring.

PropertyTypeRequiredDescription
jmxExporter

JmxExporter

False

Indicates whether you want to enable or disable the JMX Exporter.

nodeExporter

NodeExporter

False

Indicates whether you want to enable or disable the Node Exporter.

ProvisionedThroughput

Contains information about provisioned throughput for EBS storage volumes attached to kafka broker nodes.

PropertyTypeRequiredDescription
enabled

boolean

False

Provisioned throughput is enabled or not.

volumeThroughput

integer

False

Throughput value of the EBS volumes for the data drive on each kafka broker node in MiB per second.

PublicAccess

Broker access controls

PropertyTypeRequiredDescription
type

string

False

DISABLED means that public access is turned off. SERVICE_PROVIDED_EIPS means that public access is turned on.

S3

The details of the Amazon S3 destination for broker logs.

PropertyTypeRequiredDescription
bucket

string

False

The name of the S3 bucket that is the destination for broker logs.

enabled

boolean

True

Specifies whether broker logs get sent to the specified Amazon S3 destination.

prefix

string

False

The S3 prefix that is the destination for broker logs.

Sasl

Details for client authentication using SASL. To turn on SASL, you must also turn on EncryptionInTransit by setting inCluster to true. You must set clientBroker to either TLS or TLS_PLAINTEXT. If you choose TLS_PLAINTEXT, then you must also set unauthenticated to true.

PropertyTypeRequiredDescription
iam

IAM

False

Details for ClientAuthentication using IAM.

scram

Scram

False

Details for SASL/SCRAM client authentication.

Scram

Details for SASL/SCRAM client authentication.

PropertyTypeRequiredDescription
enabled

boolean

False

SASL/SCRAM authentication is enabled or not.

StorageMode

Controls storage mode for various supported storage tiers.

  • LOCAL

  • TIERED

Tls

Details for client authentication using TLS.

PropertyTypeRequiredDescription
certificateAuthorityArnList

Array of type string

False

List of AWS Private CA Amazon Resource Name (ARN)s.

enabled

boolean

False

TLS authentication is enabled or not.

Unauthenticated

Details for allowing no client authentication.

PropertyTypeRequiredDescription
enabled

boolean

False

Unauthenticated is enabled or not.

UserIdentity

Description of the requester that calls the API operation.

PropertyTypeRequiredDescription
principalId

string

False

A unique identifier for the requester that calls the API operation.

type

UserIdentityType

False

The identity type of the requester that calls the API operation.

UserIdentityType

The identity type of the requester that calls the API operation.

  • AWSAccount

  • AWSService

VpcConnectionInfo

Description of the VPC connection.

PropertyTypeRequiredDescription
creationTime

string

False

The time when Amazon MSK creates the VPC Connnection.

owner

string

False

The owner of the VPC Connection.

userIdentity

UserIdentity

False

Description of the requester that calls the API operation.

vpcConnectionArn

string

False

The Amazon Resource Name (ARN) of the VPC connection.

VpcConnectivity

VPC connection control settings for brokers.

PropertyTypeRequiredDescription
clientAuthentication

VpcConnectivityClientAuthentication

False

VPC connection control settings for brokers.

VpcConnectivityClientAuthentication

Includes all client authentication information for VpcConnectivity.

PropertyTypeRequiredDescription
sasl

VpcConnectivitySasl

False

Details for VpcConnectivity ClientAuthentication using SASL.

tls

VpcConnectivityTls

False

Details for VpcConnectivity ClientAuthentication using TLS.

VpcConnectivityIAM

Details for SASL/IAM client authentication for VpcConnectivity.

PropertyTypeRequiredDescription
enabled

boolean

False

SASL/IAM authentication is enabled or not.

VpcConnectivitySasl

Details for client authentication using SASL for VpcConnectivity.

PropertyTypeRequiredDescription
iam

VpcConnectivityIAM

False

Details for ClientAuthentication using IAM for VpcConnectivity.

scram

VpcConnectivityScram

False

Details for SASL/SCRAM client authentication for VpcConnectivity.

VpcConnectivityScram

Details for SASL/SCRAM client authentication for vpcConnectivity.

PropertyTypeRequiredDescription
enabled

boolean

False

SASL/SCRAM authentication is enabled or not.

VpcConnectivityTls

Details for client authentication using TLS for vpcConnectivity.

PropertyTypeRequiredDescription
enabled

boolean

False

TLS authentication is enabled or not.

See also

For more information about using this API in one of the language-specific AWS SDKs and references, see the following:

DescribeClusterOperation