AWS msk documentation change
Summary
Added version requirement clarification (Kafka 2.7.1+) for IAM access control with non-Java clients
Security assessment
Clarifies requirements for existing security feature (IAM access control) but does not address a specific security vulnerability
Diff
diff --git a/msk/latest/developerguide/iam-access-control.md b/msk/latest/developerguide/iam-access-control.md index 6d870c066..80288b659 100644 --- a//msk/latest/developerguide/iam-access-control.md +++ b//msk/latest/developerguide/iam-access-control.md @@ -7 +7 @@ -IAM access control for Amazon MSK enables you to handle both authentication and authorization for your MSK cluster. This eliminates the need to use one mechanism for authentication and another for authorization. For example, when a client tries to write to your cluster, Amazon MSK uses IAM to check whether that client is an authenticated identity and also whether it is authorized to produce to your cluster. IAM access control works for Java and non-Java clients, including Kafka clients written in Python, Go, JavaScript, and .NET. +IAM access control for Amazon MSK enables you to handle both authentication and authorization for your MSK cluster. This eliminates the need to use one mechanism for authentication and another for authorization. For example, when a client tries to write to your cluster, Amazon MSK uses IAM to check whether that client is an authenticated identity and also whether it is authorized to produce to your cluster. IAM access control works for Java and non-Java clients, including Kafka clients written in Python, Go, JavaScript, and .NET. IAM access control for non-Java clients is available for MSK clusters with Kafka version 2.7.1 or above.