Amazon Managed Streaming for Apache Kafka
Developer Guide

Step 4: Create a Client Machine

In this step of Getting Started Using Amazon MSK, you create a client machine. You use this client machine to create a topic that produces and consumes data. For simplicity, we'll put this client machine in the same VPC as the Amazon MSK cluster. But a client machine doesn't have to be in the same VPC as the cluster.

To create a client machine

  1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.

  2. Choose Launch Instance.

  3. Choose Select to create an instance of Amazon Linux 2 AMI (HVM), SSD Volume Type.

  4. Choose the t2.xlarge instance type by selecting the check box next to it.

  5. Choose Next: Configure Instance Details.

  6. In the Network list, choose AWSKafkaTutorialVPC.

  7. In the Auto-assign Public IP list, choose Enable.

  8. In the menu near the top, choose 5. Add Tags.

  9. Choose Add Tag.

  10. Enter Name for the Key and AWSKafkaTutorialClient for the Value.

  11. Choose Review and Launch, and then choose Launch.

  12. Choose Create a new key pair, enter MSKKeyPair for Key pair name, and then choose Download Key Pair. Alternatively, you can use an existing key pair if you prefer.

  13. Read the acknowledgement, select the check box next to it, and choose Launch Instances.

  14. Choose View Instances. Then, in the Security Groups column, choose the security group that is associated with the AWSKafkaTutorialClient instance.

  15. Copy the value of Group ID (and not the group name) that is associated with the security group, and save it for later.

  16. Open the Amazon VPC console at https://console.aws.amazon.com/vpc/.

  17. In the navigation pane, choose Security Groups. In the VPC ID column of the security groups, find the row that contains the ID you saved for AWSKafkaTutorialVPC, and the Description column has the value default VPC security group. Choose this row by selecting the check box in the first column.

  18. In the Inbound Rules tab, choose Edit rules.

  19. Choose Add Rule.

  20. In the new rule, choose All traffic in the Type column. In the second field in the Source column, enter the ID of the security group of the client machine. This is the group ID that you saved earlier.

  21. Choose Save rules.

  22. Repeat these steps to add an inbound rule in the security group that corresponds to your client machine to allow it to receive traffic from the AWSKafkaTutorialVPC security group. Now your client machine can communicate back and forth with your MSK cluster.

Next Step

Step 5: Create a Topic