AWS MSK MongoDB Sink Connector with IAM Auth enabled

Question

I have created a AWS MSK Cluster with both IAM and SCRAM authentication enabled. When trying to create a MongoDB sink connector that writes messages from kafka topics to MongoDB, the connector creation fails with a message saying

There is an issue with the connector
Code: UnknownError.Unknown
Message: The last operation failed. Retry the operation.

Here is the Trust relations in the Role i.e created

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "Service": "kafkaconnect.amazonaws.com"
            },
            "Action": "sts:AssumeRole",
            "Condition": {
                "StringEquals": {
                    "aws:SourceAccount": "1234567890"
                },
                "ArnLike": {
                    "aws:SourceArn": "arn:aws:kafkaconnect:us-west-2:1234567890:connector/*"
                }
            }
        }
    ]
}

Permissions assigned to the role

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "kafka-cluster:*",
                "kafkaconnect:*",
                "kms:Decrypt",
                "secretsmanager:GetSecretValue",
                "s3:*",
                "kafka:*",
                "logs:*"
            ],
            "Resource": "*"
        }
    ]
}

Why is the connector creation failing and there's absolutely no logs created in CloudWatch

Where is the Mongo is it DocumentDB or self managed. Did you followed this link https://aws.amazon.com/blogs/database/stream-data-with-amazon-documentdb-and-amazon-msk-using-a-kafka-connector/ — Vikram S, Dec 08 '22 at 01:29
It is DocumentDB. The ^ link has a an EC2 docker based connector implementation, I'm trying with AWS MSK Connector service. — junelane, Dec 08 '22 at 03:33

AWS MSK MongoDB Sink Connector with IAM Auth enabled

0 Answers0