Cluster

class aws_cdk.aws_msk.Cluster(scope, id, *, cluster_name, kafka_version, vpc, client_authentication=None, configuration_info=None, ebs_storage_info=None, encryption_in_transit=None, instance_type=None, logging=None, monitoring=None, number_of_broker_nodes=None, removal_policy=None, security_groups=None, vpc_subnets=None)

Bases: Resource

(experimental) Create a MSK Cluster.

Stability

experimental

Resource

AWS::MSK::Cluster

ExampleMetadata

infused

Example:

# vpc: ec2.Vpc

cluster = msk.Cluster(self, "cluster",
    cluster_name="myCluster",
    kafka_version=msk.KafkaVersion.V2_8_1,
    vpc=vpc,
    encryption_in_transit=msk.EncryptionInTransitConfig(
        client_broker=msk.ClientBrokerEncryption.TLS
    ),
    client_authentication=msk.ClientAuthentication.sasl(
        scram=True
    )
)
Parameters

  • scope (Construct) –

  • id (str) –

  • cluster_name (str) – (experimental) The physical name of the cluster.

  • kafka_version (KafkaVersion) – (experimental) The version of Apache Kafka.

  • vpc (IVpc) – (experimental) Defines the virtual networking environment for this cluster. Must have at least 2 subnets in two different AZs.

  • client_authentication (Optional[ClientAuthentication]) – (experimental) Configuration properties for client authentication. MSK supports using private TLS certificates or SASL/SCRAM to authenticate the identity of clients. Default: - disabled

  • configuration_info (Union[ClusterConfigurationInfo, Dict[str, Any], None]) – (experimental) The Amazon MSK configuration to use for the cluster. Default: - none

  • ebs_storage_info (Union[EbsStorageInfo, Dict[str, Any], None]) – (experimental) Information about storage volumes attached to MSK broker nodes. Default: - 1000 GiB EBS volume

  • encryption_in_transit (Union[EncryptionInTransitConfig, Dict[str, Any], None]) – (experimental) Config details for encryption in transit. Default: - enabled

  • instance_type (Optional[InstanceType]) – (experimental) The EC2 instance type that you want Amazon MSK to use when it creates your brokers. Default: kafka.m5.large

  • logging (Union[BrokerLogging, Dict[str, Any], None]) – (experimental) Configure your MSK cluster to send broker logs to different destination types. Default: - disabled

  • monitoring (Union[MonitoringConfiguration, Dict[str, Any], None]) – (experimental) Cluster monitoring configuration. Default: - DEFAULT monitoring level

  • number_of_broker_nodes (Union[int, float, None]) – (experimental) Number of Apache Kafka brokers deployed in each Availability Zone. Default: 1

  • removal_policy (Optional[RemovalPolicy]) – (experimental) What to do when this resource is deleted from a stack. Default: RemovalPolicy.RETAIN

  • security_groups (Optional[Sequence[ISecurityGroup]]) – (experimental) The AWS security groups to associate with the elastic network interfaces in order to specify who can connect to and communicate with the Amazon MSK cluster. Default: - create new security group

  • vpc_subnets (Union[SubnetSelection, Dict[str, Any], None]) – (experimental) Where to place the nodes within the VPC. Amazon MSK distributes the broker nodes evenly across the subnets that you specify. The subnets that you specify must be in distinct Availability Zones. Client subnets can’t be in Availability Zone us-east-1e. Default: - the Vpc default strategy if not specified.

Stability

experimental

Methods

add_user(*usernames)

(experimental) A list of usersnames to register with the cluster.

The password will automatically be generated using Secrets Manager and the { username, password } JSON object stored in Secrets Manager as AmazonMSK_username.

Must be using the SASL/SCRAM authentication mechanism.

Parameters

usernames (str) –

  • username(s) to register with the cluster.

Stability

experimental

Return type

None

apply_removal_policy(policy)

Apply the given removal policy to this resource.

The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you’ve removed it from the CDK application or because you’ve made a change that requires the resource to be replaced.

The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS account for data recovery and cleanup later (RemovalPolicy.RETAIN).

Parameters

policy (RemovalPolicy) –

Return type

None

to_string()

Returns a string representation of this construct.

Return type

str

Attributes

bootstrap_brokers

(experimental) Get the list of brokers that a client application can use to bootstrap.

Uses a Custom Resource to make an API call to getBootstrapBrokers using the Javascript SDK

Return type

str

Returns

  • A string containing one or more hostname:port pairs.

Stability

experimental

bootstrap_brokers_sasl_scram

(experimental) Get the list of brokers that a SASL/SCRAM authenticated client application can use to bootstrap.

Uses a Custom Resource to make an API call to getBootstrapBrokers using the Javascript SDK

Return type

str

Returns

  • A string containing one or more dns name (or IP) and SASL SCRAM port pairs.

Stability

experimental

bootstrap_brokers_tls

(experimental) Get the list of brokers that a TLS authenticated client application can use to bootstrap.

Uses a Custom Resource to make an API call to getBootstrapBrokers using the Javascript SDK

Return type

str

Returns

  • A string containing one or more DNS names (or IP) and TLS port pairs.

Stability

experimental

cluster_arn

(experimental) The ARN of cluster.

Stability

experimental

Return type

str

cluster_name

(experimental) The physical name of the cluster.

Stability

experimental

Return type

str

connections

(experimental) Manages connections for the cluster.

Stability

experimental

Return type

Connections

env

The environment this resource belongs to.

For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.

Return type

ResourceEnvironment

node

The construct tree node associated with this construct.

Return type

ConstructNode

sasl_scram_authentication_key

(experimental) Key used to encrypt SASL/SCRAM users.

Stability

experimental

Return type

Optional[IKey]

stack

The stack in which this resource is defined.

Return type

Stack

zookeeper_connection_string

(experimental) Get the ZooKeeper Connection string.

Uses a Custom Resource to make an API call to describeCluster using the Javascript SDK

Return type

str

Returns

  • The connection string to use to connect to the Apache ZooKeeper cluster.

Stability

experimental

zookeeper_connection_string_tls

(experimental) Get the ZooKeeper Connection string for a TLS enabled cluster.

Uses a Custom Resource to make an API call to describeCluster using the Javascript SDK

Return type

str

Returns

  • The connection string to use to connect to zookeeper cluster on TLS port.

Stability

experimental

Static Methods

classmethod from_cluster_arn(scope, id, cluster_arn)

(experimental) Reference an existing cluster, defined outside of the CDK code, by name.

Parameters

  • scope (Construct) –

  • id (str) –

  • cluster_arn (str) –

Stability

experimental

Return type

ICluster

classmethod is_construct(x)

Return whether the given object is a Construct.

Parameters

x (Any) –

Return type

bool

classmethod is_resource(construct)

Check whether the given construct is a Resource.

Parameters

construct (IConstruct) –

Return type

bool