terraform-provider-kafka icon indicating copy to clipboard operation
terraform-provider-kafka copied to clipboard

Published 20 hours ago verified publisher icon Mongey

Version 0.7.0 does error on aim auth in comparison to 0.6.0

Open fritz-net opened this issue 1 year ago • 6 comments

our module was auto updated and starting to fail. When setting version to 0.6.0 it worked again.

we use aim auth and tls


│             * kafka server: SASL Authentication failed: [e1940359-331e-448d-851e-0165a6d0db46]: Invalid authentication payload

│             * kafka server: SASL Authentication failed: [b9824777-2089-4db1-8b78-a8037af63b6a]: Invalid authentication payload

fritz-net avatar Mar 14 '24 12:03 fritz-net

which sasl auth are you using? will you be able to share provider config?

sappusaketh avatar Mar 14 '24 14:03 sappusaketh

sure here:

provider "kafka" {
  bootstrap_servers = split(",", aws_msk_cluster.somename.bootstrap_brokers_sasl_iam)
  tls_enabled       = true
  sasl_mechanism    = "aws-iam" # https://github.com/Mongey/terraform-provider-kafka/pull/372
}

for me its not that urgent since reverting back to 0.6.0 made it work again :)

fritz-net avatar Mar 14 '24 16:03 fritz-net

so are you setting creds via env vars cause I made change just to include aws_profile or aws_role_arn i havent changed any of 0.6.0 behavior just trying to see what caused this

sappusaketh avatar Mar 14 '24 16:03 sappusaketh

yes ( I thing - will check tomorrow ) we use env vars since they are secrets and its inside of a CI/CD pipeline

fritz-net avatar Mar 14 '24 22:03 fritz-net

Ok I will try it out with env vars and see if it works sorry I only tested with iam_role_arn

sappusaketh avatar Mar 14 '24 22:03 sappusaketh

https://github.com/aws-actions/configure-aws-credentials this is what's used under the hood, so I guess its env vars

fritz-net avatar Mar 15 '24 18:03 fritz-net