Cluster

class aws_cdk.aws_msk_alpha.Cluster(scope, id, *, cluster_name, kafka_version, vpc, client_authentication=None, configuration_info=None, ebs_storage_info=None, encryption_in_transit=None, instance_type=None, logging=None, monitoring=None, number_of_broker_nodes=None, removal_policy=None, security_groups=None, storage_mode=None, vpc_subnets=None)

Bases: Resource

(experimental) Create a MSK Cluster.

Stability:

experimental

Resource:

AWS::MSK::Cluster

ExampleMetadata:

infused

Example:

# vpc: ec2.Vpc

cluster = msk.Cluster(self, "cluster",
    cluster_name="myCluster",
    kafka_version=msk.KafkaVersion.V2_8_1,
    vpc=vpc,
    encryption_in_transit=msk.EncryptionInTransitConfig(
        client_broker=msk.ClientBrokerEncryption.TLS
    ),
    client_authentication=msk.ClientAuthentication.sasl(
        scram=True
    )
)
Parameters:
  • scope (Construct) –

  • id (str) –

  • cluster_name (str) – (experimental) The physical name of the cluster.

  • kafka_version (KafkaVersion) – (experimental) The version of Apache Kafka.

  • vpc (IVpc) – (experimental) Defines the virtual networking environment for this cluster. Must have at least 2 subnets in two different AZs.

  • client_authentication (Optional[ClientAuthentication]) – (experimental) Configuration properties for client authentication. MSK supports using private TLS certificates or SASL/SCRAM to authenticate the identity of clients. Default: - disabled

  • configuration_info (Union[ClusterConfigurationInfo, Dict[str, Any], None]) – (experimental) The Amazon MSK configuration to use for the cluster. Default: - none

  • ebs_storage_info (Union[EbsStorageInfo, Dict[str, Any], None]) – (experimental) Information about storage volumes attached to MSK broker nodes. Default: - 1000 GiB EBS volume

  • encryption_in_transit (Union[EncryptionInTransitConfig, Dict[str, Any], None]) – (experimental) Config details for encryption in transit. Default: - enabled

  • instance_type (Optional[InstanceType]) – (experimental) The EC2 instance type that you want Amazon MSK to use when it creates your brokers. Default: kafka.m5.large

  • logging (Union[BrokerLogging, Dict[str, Any], None]) – (experimental) Configure your MSK cluster to send broker logs to different destination types. Default: - disabled

  • monitoring (Union[MonitoringConfiguration, Dict[str, Any], None]) – (experimental) Cluster monitoring configuration. Default: - DEFAULT monitoring level

  • number_of_broker_nodes (Union[int, float, None]) – (experimental) Number of Apache Kafka brokers deployed in each Availability Zone. Default: 1

  • removal_policy (Optional[RemovalPolicy]) – (experimental) What to do when this resource is deleted from a stack. Default: RemovalPolicy.RETAIN

  • security_groups (Optional[Sequence[ISecurityGroup]]) – (experimental) The AWS security groups to associate with the elastic network interfaces in order to specify who can connect to and communicate with the Amazon MSK cluster. Default: - create new security group

  • storage_mode (Optional[StorageMode]) – (experimental) This controls storage mode for supported storage tiers. Default: - StorageMode.LOCAL

  • vpc_subnets (Union[SubnetSelection, Dict[str, Any], None]) – (experimental) Where to place the nodes within the VPC. Amazon MSK distributes the broker nodes evenly across the subnets that you specify. The subnets that you specify must be in distinct Availability Zones. Client subnets can’t be in Availability Zone us-east-1e. Default: - the Vpc default strategy if not specified.

Stability:

experimental

Methods

add_user(*usernames)

(experimental) A list of usersnames to register with the cluster.

The password will automatically be generated using Secrets Manager and the { username, password } JSON object stored in Secrets Manager as AmazonMSK_username.

Must be using the SASL/SCRAM authentication mechanism.

Parameters:

usernames (str) –

  • username(s) to register with the cluster.

Stability:

experimental

Return type:

None

apply_removal_policy(policy)

Apply the given removal policy to this resource.

The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you’ve removed it from the CDK application or because you’ve made a change that requires the resource to be replaced.

The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS account for data recovery and cleanup later (RemovalPolicy.RETAIN).

Parameters:

policy (RemovalPolicy) –

Return type:

None

to_string()

Returns a string representation of this construct.

Return type:

str

Attributes

bootstrap_brokers

(experimental) Get the list of brokers that a client application can use to bootstrap.

Uses a Custom Resource to make an API call to getBootstrapBrokers using the Javascript SDK

Returns:

  • A string containing one or more hostname:port pairs.

Stability:

experimental

bootstrap_brokers_sasl_iam

(experimental) Get the list of brokers that a SASL/IAM authenticated client application can use to bootstrap.

Uses a Custom Resource to make an API call to getBootstrapBrokers using the Javascript SDK

Returns:

  • A string containing one or more DNS names (or IP) and TLS port pairs.

Stability:

experimental

bootstrap_brokers_sasl_scram

(experimental) Get the list of brokers that a SASL/SCRAM authenticated client application can use to bootstrap.

Uses a Custom Resource to make an API call to getBootstrapBrokers using the Javascript SDK

Returns:

  • A string containing one or more dns name (or IP) and SASL SCRAM port pairs.

Stability:

experimental

bootstrap_brokers_tls

(experimental) Get the list of brokers that a TLS authenticated client application can use to bootstrap.

Uses a Custom Resource to make an API call to getBootstrapBrokers using the Javascript SDK

Returns:

  • A string containing one or more DNS names (or IP) and TLS port pairs.

Stability:

experimental

cluster_arn

(experimental) The ARN of cluster.

Stability:

experimental

cluster_name

(experimental) The physical name of the cluster.

Stability:

experimental

connections

(experimental) Manages connections for the cluster.

Stability:

experimental

env

The environment this resource belongs to.

For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.

node

The tree node.

sasl_scram_authentication_key

(experimental) Key used to encrypt SASL/SCRAM users.

Stability:

experimental

stack

The stack in which this resource is defined.

zookeeper_connection_string

(experimental) Get the ZooKeeper Connection string.

Uses a Custom Resource to make an API call to describeCluster using the Javascript SDK

Returns:

  • The connection string to use to connect to the Apache ZooKeeper cluster.

Stability:

experimental

zookeeper_connection_string_tls

(experimental) Get the ZooKeeper Connection string for a TLS enabled cluster.

Uses a Custom Resource to make an API call to describeCluster using the Javascript SDK

Returns:

  • The connection string to use to connect to zookeeper cluster on TLS port.

Stability:

experimental

Static Methods

classmethod from_cluster_arn(scope, id, cluster_arn)

(experimental) Reference an existing cluster, defined outside of the CDK code, by name.

Parameters:
  • scope (Construct) –

  • id (str) –

  • cluster_arn (str) –

Stability:

experimental

Return type:

ICluster

classmethod is_construct(x)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

Parameters:

x (Any) – Any object.

Return type:

bool

Returns:

true if x is an object created from a class which extends Construct.

classmethod is_owned_resource(construct)

Returns true if the construct was created by CDK, and false otherwise.

Parameters:

construct (IConstruct) –

Return type:

bool

classmethod is_resource(construct)

Check whether the given construct is a Resource.

Parameters:

construct (IConstruct) –

Return type:

bool