IAM roles and policies for MSK Connect

This section helps you set up the appropriate IAM policies and roles to securely deploy and manage Amazon MSK Connect within your Amazon environment. The following sections explain the service execution role that must be used with MSK Connect, including the required trust policy and additional permissions needed when connecting to an IAM-authenticated MSK cluster. The page also provides examples of comprehensive IAM policies to grant full access to MSK Connect functionality, as well as details on Amazon managed policies available for the service.

Topics

Understand service execution role
Example of IAM policy for MSK Connect
Prevent cross-service confused deputy problem
Amazon managed policies for MSK Connect
Use service-linked roles for MSK Connect

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Configuration providers

Understand service execution role