Skip to main content

clusters

Creates, updates, deletes or gets a cluster resource or lists clusters in a region

Overview

Nameclusters
TypeResource
DescriptionResource Type definition for AWS::MSK::Cluster
Idaws.msk.clusters

Fields

NameDatatypeDescription
broker_node_group_infoobject
enhanced_monitoringstring
kafka_versionstring
number_of_broker_nodesinteger
encryption_infoobject
open_monitoringobject
cluster_namestring
arnstring
current_versionstringThe current version of the MSK cluster
client_authenticationobject
logging_infoobject
tagsobjectA key-value pair to associate with a resource.
configuration_infoobject
storage_modestring
regionstringAWS region.

Methods

NameAccessible byRequired Params
create_resourceINSERTBrokerNodeGroupInfo, KafkaVersion, NumberOfBrokerNodes, ClusterName, region
delete_resourceDELETEdata__Identifier, region
update_resourceUPDATEdata__Identifier, data__PatchDocument, region
list_resourcesSELECTregion
get_resourceSELECTdata__Identifier, region

SELECT examples

Gets all clusters in a region.

SELECT
region,
broker_node_group_info,
enhanced_monitoring,
kafka_version,
number_of_broker_nodes,
encryption_info,
open_monitoring,
cluster_name,
arn,
current_version,
client_authentication,
logging_info,
tags,
configuration_info,
storage_mode
FROM aws.msk.clusters
WHERE region = 'us-east-1';

Gets all properties from an individual cluster.

SELECT
region,
broker_node_group_info,
enhanced_monitoring,
kafka_version,
number_of_broker_nodes,
encryption_info,
open_monitoring,
cluster_name,
arn,
current_version,
client_authentication,
logging_info,
tags,
configuration_info,
storage_mode
FROM aws.msk.clusters
WHERE region = 'us-east-1' AND data__Identifier = '<Arn>';

INSERT example

Use the following StackQL query and manifest file to create a new cluster resource, using stack-deploy.

/*+ create */
INSERT INTO aws.msk.clusters (
 BrokerNodeGroupInfo,
 KafkaVersion,
 NumberOfBrokerNodes,
 ClusterName,
 region
)
SELECT 
'{{ BrokerNodeGroupInfo }}',
 '{{ KafkaVersion }}',
 '{{ NumberOfBrokerNodes }}',
 '{{ ClusterName }}',
'{{ region }}';

DELETE example

/*+ delete */
DELETE FROM aws.msk.clusters
WHERE data__Identifier = '<Arn>'
AND region = 'us-east-1';

Permissions

To operate on the clusters resource, the following permissions are required:

Create

ec2:DescribeSecurityGroups,
ec2:DescribeSubnets,
ec2:DescribeVpcs,
iam:AttachRolePolicy,
iam:CreateServiceLinkedRole,
iam:PutRolePolicy,
kms:CreateGrant,
kms:DescribeKey,
kafka:CreateCluster,
kafka:DescribeCluster,
kafka:TagResource,
logs:CreateLogDelivery,
logs:GetLogDelivery,
logs:UpdateLogDelivery,
logs:DeleteLogDelivery,
logs:ListLogDeliveries,
s3:GetBucketPolicy,
s3:PutBucketPolicy,
logs:PutResourcePolicy,
logs:DescribeResourcePolicies,
logs:DescribeLogGroups,
firehose:TagDeliveryStream,
acm-pca:GetCertificateAuthorityCertificate

Update

kafka:UpdateMonitoring,
kafka:UpdateClusterKafkaVersion,
kafka:UpdateClusterConfiguration,
kafka:UpdateBrokerType,
kafka:UpdateBrokerCount,
kafka:UpdateBrokerStorage,
kafka:UpdateStorage,
kafka:UpdateSecurity,
kafka:UpdateConnectivity,
kafka:DescribeCluster,
kafka:DescribeClusterOperation,
kafka:TagResource,
kafka:UntagResource,
ec2:DescribeSubnets,
ec2:DescribeVpcs,
ec2:DescribeSecurityGroups,
iam:AttachRolePolicy,
iam:CreateServiceLinkedRole,
iam:PutRolePolicy,
kms:DescribeKey,
kms:CreateGrant,
logs:CreateLogDelivery,
logs:GetLogDelivery,
logs:UpdateLogDelivery,
logs:DeleteLogDelivery,
logs:ListLogDeliveries,
s3:GetBucketPolicy,
logs:PutResourcePolicy,
logs:DescribeResourcePolicies,
logs:DescribeLogGroups,
firehose:TagDeliveryStream,
acm-pca:GetCertificateAuthorityCertificate

Delete

kafka:DeleteCluster,
kafka:DescribeCluster

List

kafka:ListClusters

Read

kafka:DescribeCluster