[
https://issues.apache.org/jira/browse/NIFI-14927?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
David Handermann updated NIFI-14927:
------------------------------------
Summary: Add AWS Role Properties to Amazon MSK Connection Service (was:
Make use of AWSCredentialsProviderControllerService for
AmazonMSKConnectionService)
> Add AWS Role Properties to Amazon MSK Connection Service
> --------------------------------------------------------
>
> Key: NIFI-14927
> URL: https://issues.apache.org/jira/browse/NIFI-14927
> Project: Apache NiFi
> Issue Type: Improvement
> Reporter: Nick
> Assignee: Pierre Villard
> Priority: Major
> Attachments: image-2025-09-01-21-50-48-663.png,
> image-2025-09-01-21-52-34-971.png, image-2025-09-02-11-21-31-147.png,
> image-2025-09-05-11-11-06-768.png, image-2025-09-05-11-13-03-732.png
>
> Time Spent: 1h 20m
> Remaining Estimate: 0h
>
> Currently, the AmazonMSKConnectionService lacks the authentication settings
> that are available through the AWSCredentialsProviderControllerService on the
> other AWS providers (to allow things like Assume Role).
> !image-2025-09-01-21-50-48-663.png|width=614,height=461!
> Currently this means we need to set permissions on the AWS IAM Role that is
> mapped to the PodIdentity. Instead, we would rather configure each provider
> with the applicable IAM Role to be assumed from the PodIdentity Role.
> ListS3, AwsSecretsManagerParameterProvider (and others) allow a more
> versatile and expected configuration using the
> AWSCredentialsProviderControllerService:
> !image-2025-09-02-11-21-31-147.png|width=649,height=361!
> !image-2025-09-01-21-52-34-971.png|width=647,height=501!
> Can the same be applied to AmazonMSKConnectionService?
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
