I am doing some POC to see if my application can access AWS MSK or not. We are using Multi-VPC using IAM role based authentication. We have already configured in both MSK and Rosa side (created IAM role, attached the policy with required permission).
Now I logged to my Client node and installed kafka client, then used the below config with bootstrap server to see if we can create sample topic, which worked without any issue.
Config:
security.protocol = SASL_SSL
sasl.mechanism = AWS_MSK_IAM
sasl.jaas.config = software.amazon.msk.auth.iam.IAMLoginModule required;
sasl.client.callback.handler.class = software.amazon.msk.auth.iam.IAMClientCallbackHandler
Now using the same above config I am deploying(using helm) a sample application (https://github.com/provectus/kafka-ui) on the same node but encountered an error:- (it is very big error, so highlighted the important ones)
SdkClientException: Unable to load credentials from any provider in the chain ...
You must specify roleArn and roleSessionName ....
profile cannot be null
tried to provide the roleArn as well but didnt work.
Could you please let me know what is wrong with it where if we use kafka client(kafka-topics.sh) it is working ?