Connecting to an Amazon MSK cluster

By default, clients can access an MSK cluster only if they're in the same VPC as the cluster. All communication between your Kafka clients and your MSK cluster are private by default and your streaming data never traverses the internet. To connect to your MSK cluster from a client that's in the same VPC as the cluster, make sure the cluster's security group has an inbound rule that accepts traffic from the client's security group. For information about setting up these rules, see Security Group Rules. For an example of how to access a cluster from an Amazon EC2 instance that's in the same VPC as the cluster, see Getting started using Amazon MSK.

To connect to your MSK cluster from a client that's outside the cluster's VPC, see Access from within AWS but outside cluster's VPC.

Topics

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Infrastructure security

Public access