Cluster Operations

Represents the operations that have been performed on an MSK cluster.

URI

/v1/clusters/clusterArn/operations

HTTP methods

GET

Operation ID: ListClusterOperations

Returns a list of all the operations that have been performed on the specified MSK cluster.

Path parameters
Name	Type	Required	Description
`clusterArn`	String	True	The Amazon Resource Name (ARN) that uniquely identifies the cluster.

Query parameters
Name	Type	Required	Description
`nextToken`	String	False	The paginated results marker. When the result of the operation is truncated, the call returns `NextToken` in the response. To get the next batch, provide this token in your next request.
`maxResults`	String	False	The maximum number of results to return in the response (default maximum 100 results per API call). If there are more results, the response includes a `NextToken` parameter.

Responses
Status code	Response model	Description
`200`	`ListClusterOperationsResponse`	Successful response.
`400`	`Error`	The request isn't valid because the input is incorrect. Correct your input and then submit it again.
`401`	`Error`	The request is not authorized. The provided credentials couldn't be validated.
`403`	`Error`	Access forbidden. Check your credentials and then retry your request.
`404`	`Error`	The resource could not be found due to incorrect input. Correct the input, then retry the request.
`429`	`Error`	429 response
`500`	`Error`	There was an unexpected internal server error. Retrying your request might resolve the issue.
`503`	`Error`	503 response

OPTIONS

Enable CORS by returning the correct headers.

Path parameters
Name	Type	Required	Description
`clusterArn`	String	True	The Amazon Resource Name (ARN) that uniquely identifies the cluster.

Responses
Status code	Response model	Description
`200`	None	Default response for CORS method

Schemas

Response bodies


{
  "nextToken nextToken": "string",
  "clusterOperationInfoList clusterOperationInfoList": [
    {
      "clusterArn clusterArn": "string",
      "creationTime creationTime": "string",
      "clientRequestId clientRequestId": "string",
      "operationState operationState": "string",
      "sourceClusterInfo sourceClusterInfo": {
        "encryptionInfo encryptionInfo": {
          "encryptionInTransit encryptionInTransit": {
            "inCluster inCluster": boolean,
            "clientBroker clientBroker": enum
          },
          "encryptionAtRest encryptionAtRest": {
            "dataVolumeKMSKeyId dataVolumeKMSKeyId": "string"
          }
        },
        "configurationInfo configurationInfo": {
          "arn arn": "string",
          "revision revision": integer
        },
        "brokerCountUpdateInfo brokerCountUpdateInfo": {
          "createdBrokerIds createdBrokerIds": [
            number
          ],
          "deletedBrokerIds deletedBrokerIds": [
            number
          ]
        },
        "instanceType instanceType": "string",
        "loggingInfo loggingInfo": {
          "brokerLogs brokerLogs": {
            "s3 s3": {
              "bucket bucket": "string",
              "prefix prefix": "string",
              "enabled enabled": boolean
            },
            "firehose firehose": {
              "deliveryStream deliveryStream": "string",
              "enabled enabled": boolean
            },
            "cloudWatchLogs cloudWatchLogs": {
              "logGroup logGroup": "string",
              "enabled enabled": boolean
            }
          }
        },
        "brokerEBSVolumeInfo brokerEBSVolumeInfo": [
          {
            "volumeSizeGB volumeSizeGB": integer,
            "provisionedThroughput provisionedThroughput": {
              "volumeThroughput volumeThroughput": integer,
              "enabled enabled": boolean
            },
            "kafkaBrokerNodeId kafkaBrokerNodeId": "string"
          }
        ],
        "numberOfBrokerNodes numberOfBrokerNodes": integer,
        "enhancedMonitoring enhancedMonitoring": enum,
        "storageMode storageMode": enum,
        "kafkaVersion kafkaVersion": "string",
        "connectivityInfo connectivityInfo": {
          "vpcConnectivity vpcConnectivity": {
            "clientAuthentication clientAuthentication": {
              "sasl sasl": {
                "iam iam": {
                  "enabled enabled": boolean
                },
                "scram scram": {
                  "enabled enabled": boolean
                }
              },
              "tls tls": {
                "enabled enabled": boolean
              }
            }
          },
          "publicAccess publicAccess": {
            "type type": "string"
          },
          "networkType networkType": "string"
        },
        "clientAuthentication clientAuthentication": {
          "sasl sasl": {
            "iam iam": {
              "enabled enabled": boolean
            },
            "scram scram": {
              "enabled enabled": boolean
            }
          },
          "unauthenticated unauthenticated": {
            "enabled enabled": boolean
          },
          "tls tls": {
            "certificateAuthorityArnList certificateAuthorityArnList": [
              "string"
            ],
            "enabled enabled": boolean
          }
        },
        "openMonitoring openMonitoring": {
          "prometheus prometheus": {
            "nodeExporter nodeExporter": {
              "enabledInBroker enabledInBroker": boolean
            },
            "jmxExporter jmxExporter": {
              "enabledInBroker enabledInBroker": boolean
            }
          }
        },
        "rebalancing rebalancing": {
          "status status": enum
        }
      },
      "errorInfo errorInfo": {
        "errorString errorString": "string",
        "errorCode errorCode": "string"
      },
      "vpcConnectionInfo vpcConnectionInfo": {
        "owner owner": "string",
        "vpcConnectionArn vpcConnectionArn": "string",
        "creationTime creationTime": "string",
        "userIdentity userIdentity": {
          "principalId principalId": "string",
          "type type": enum
        }
      },
      "operationType operationType": "string",
      "endTime endTime": "string",
      "operationSteps operationSteps": [
        {
          "stepName stepName": "string",
          "stepInfo stepInfo": {
            "stepStatus stepStatus": "string"
          }
        }
      ],
      "operationArn operationArn": "string",
      "targetClusterInfo targetClusterInfo": {
        "encryptionInfo encryptionInfo": {
          "encryptionInTransit encryptionInTransit": {
            "inCluster inCluster": boolean,
            "clientBroker clientBroker": enum
          },
          "encryptionAtRest encryptionAtRest": {
            "dataVolumeKMSKeyId dataVolumeKMSKeyId": "string"
          }
        },
        "configurationInfo configurationInfo": {
          "arn arn": "string",
          "revision revision": integer
        },
        "brokerCountUpdateInfo brokerCountUpdateInfo": {
          "createdBrokerIds createdBrokerIds": [
            number
          ],
          "deletedBrokerIds deletedBrokerIds": [
            number
          ]
        },
        "instanceType instanceType": "string",
        "loggingInfo loggingInfo": {
          "brokerLogs brokerLogs": {
            "s3 s3": {
              "bucket bucket": "string",
              "prefix prefix": "string",
              "enabled enabled": boolean
            },
            "firehose firehose": {
              "deliveryStream deliveryStream": "string",
              "enabled enabled": boolean
            },
            "cloudWatchLogs cloudWatchLogs": {
              "logGroup logGroup": "string",
              "enabled enabled": boolean
            }
          }
        },
        "brokerEBSVolumeInfo brokerEBSVolumeInfo": [
          {
            "volumeSizeGB volumeSizeGB": integer,
            "provisionedThroughput provisionedThroughput": {
              "volumeThroughput volumeThroughput": integer,
              "enabled enabled": boolean
            },
            "kafkaBrokerNodeId kafkaBrokerNodeId": "string"
          }
        ],
        "numberOfBrokerNodes numberOfBrokerNodes": integer,
        "enhancedMonitoring enhancedMonitoring": enum,
        "storageMode storageMode": enum,
        "kafkaVersion kafkaVersion": "string",
        "connectivityInfo connectivityInfo": {
          "vpcConnectivity vpcConnectivity": {
            "clientAuthentication clientAuthentication": {
              "sasl sasl": {
                "iam iam": {
                  "enabled enabled": boolean
                },
                "scram scram": {
                  "enabled enabled": boolean
                }
              },
              "tls tls": {
                "enabled enabled": boolean
              }
            }
          },
          "publicAccess publicAccess": {
            "type type": "string"
          },
          "networkType networkType": "string"
        },
        "clientAuthentication clientAuthentication": {
          "sasl sasl": {
            "iam iam": {
              "enabled enabled": boolean
            },
            "scram scram": {
              "enabled enabled": boolean
            }
          },
          "unauthenticated unauthenticated": {
            "enabled enabled": boolean
          },
          "tls tls": {
            "certificateAuthorityArnList certificateAuthorityArnList": [
              "string"
            ],
            "enabled enabled": boolean
          }
        },
        "openMonitoring openMonitoring": {
          "prometheus prometheus": {
            "nodeExporter nodeExporter": {
              "enabledInBroker enabledInBroker": boolean
            },
            "jmxExporter jmxExporter": {
              "enabledInBroker enabledInBroker": boolean
            }
          }
        },
        "rebalancing rebalancing": {
          "status status": enum
        }
      }
    }
  ]
}


{
  "message message": "string",
  "invalidParameter invalidParameter": "string"
}

Properties

BrokerCountUpdateInfo

Contains the list of broker ids being changed during a broker count update.

Property	Type	Required	Description
`createdBrokerIds`	Array of type number	False	List of Kafka Broker IDs being created. If operation is INCREASE_BROKER_COUNT, the list contains numeric ids of brokers added by the operation.
`deletedBrokerIds`	Array of type number	False	List of Kafka Broker IDs being deleted. If operation is DECREASE_BROKER_COUNT, the list contains numeric ids of brokers removed by the operation.

createdBrokerIds

List of Kafka Broker IDs being created. If operation is INCREASE_BROKER_COUNT, the list contains numeric ids of brokers added by the operation.

Type: Array of type number
Required: False

deletedBrokerIds

List of Kafka Broker IDs being deleted. If operation is DECREASE_BROKER_COUNT, the list contains numeric ids of brokers removed by the operation.

Type: Array of type number
Required: False

BrokerEBSVolumeInfo

Specifies the EBS volume upgrade information. The broker identifier must be set to the keyword ALL. This means the changes apply to all the brokers in the cluster.

Property	Type	Required	Description
`kafkaBrokerNodeId`	string	True	The ID of the broker to update. The only allowed value is `ALL`. This means that Amazon MSK applies the same storage update to all broker nodes.
`provisionedThroughput`	ProvisionedThroughput	False	EBS volume provisioned throughput information.
`volumeSizeGB`	integer	False	Size of the EBS volume to update.

volumeSizeGB

Size of the EBS volume to update.

Type: integer
Required: False

provisionedThroughput

EBS volume provisioned throughput information.

Type: ProvisionedThroughput
Required: False

kafkaBrokerNodeId

The ID of the broker to update. The only allowed value is ALL. This means that Amazon MSK applies the same storage update to all broker nodes.

Type: string
Required: True

BrokerLogs

The broker logs configuration for this MSK cluster.

Property	Type	Required	Description
`cloudWatchLogs`	CloudWatchLogs	False	Details of the CloudWatch Logs destination for broker logs.
`firehose`	Firehose	False	Details of the Kinesis Data Firehose delivery stream that is the destination for broker logs.
`s3`	S3	False	Details of the Amazon S3 destination for broker logs.

s3

Details of the Amazon S3 destination for broker logs.

Type: S3
Required: False

firehose

Details of the Kinesis Data Firehose delivery stream that is the destination for broker logs.

Type: Firehose
Required: False

cloudWatchLogs

Details of the CloudWatch Logs destination for broker logs.

Type: CloudWatchLogs
Required: False

ClientAuthentication

Includes all client authentication information.

Property	Type	Required	Description
`sasl`	Sasl	False	Details for client authentication using SASL. To turn on SASL, you must also turn on `EncryptionInTransit` by setting `inCluster` to true. You must set `clientBroker` to either `TLS` or `TLS_PLAINTEXT`. If you choose `TLS_PLAINTEXT`, then you must also set `unauthenticated` to true.
`tls`	Tls	False	Details for ClientAuthentication using TLS. To turn on TLS access control, you must also turn on `EncryptionInTransit` by setting `inCluster` to true and `clientBroker` to `TLS`.
`unauthenticated`	Unauthenticated	False	Details for ClientAuthentication using no authentication.

sasl

Details for client authentication using SASL. To turn on SASL, you must also turn on EncryptionInTransit by setting inCluster to true. You must set clientBroker to either TLS or TLS_PLAINTEXT. If you choose TLS_PLAINTEXT, then you must also set unauthenticated to true.

Type: Sasl
Required: False

unauthenticated

Details for ClientAuthentication using no authentication.

Type: Unauthenticated
Required: False

tls

Details for ClientAuthentication using TLS. To turn on TLS access control, you must also turn on EncryptionInTransit by setting inCluster to true and clientBroker to TLS.

Type: Tls
Required: False

ClientBroker

Client-broker encryption in transit setting.

TLS
TLS_PLAINTEXT
PLAINTEXT

CloudWatchLogs

Details of the CloudWatch Logs destination for broker logs.

Property	Type	Required	Description
`enabled`	boolean	True	Specifies whether broker logs get sent to the specified CloudWatch Logs destination.
`logGroup`	string	False	The CloudWatch log group that is the destination for broker logs.

logGroup

The CloudWatch log group that is the destination for broker logs.

Type: string
Required: False

enabled

Specifies whether broker logs get sent to the specified CloudWatch Logs destination.

Type: boolean
Required: True

ClusterOperationInfo

Returns information about a cluster operation.

Property	Type	Required	Description
`clientRequestId`	string	False	The ID of the API request that triggered this operation.
`clusterArn`	string	False	ARN of the cluster.
`creationTime`	string	False	The time that the operation was created.
`endTime`	string	False	The time at which the operation finished.
`errorInfo`	ErrorInfo	False	Describes the error if the operation fails.
`operationArn`	string	False	ARN of the cluster operation.
`operationState`	string	False	State of the cluster operation.
`operationSteps`	Array of type ClusterOperationStep	False	Steps completed during the operation.
`operationType`	string	False	Type of the cluster operation.
`sourceClusterInfo`	MutableClusterInfo	False	Information about cluster attributes before a cluster is updated.
`targetClusterInfo`	MutableClusterInfo	False	Information about cluster attributes after a cluster is updated.
`vpcConnectionInfo`	VpcConnectionInfo	False	Description of the VPC connection for CreateVpcConnection and DeleteVpcConnection operations.

clusterArn

ARN of the cluster.

Type: string
Required: False

creationTime

The time that the operation was created.

Type: string
Required: False

clientRequestId

The ID of the API request that triggered this operation.

Type: string
Required: False

operationState

State of the cluster operation.

Type: string
Required: False

sourceClusterInfo

Information about cluster attributes before a cluster is updated.

Type: MutableClusterInfo
Required: False

errorInfo

Describes the error if the operation fails.

Type: ErrorInfo
Required: False

vpcConnectionInfo

Description of the VPC connection for CreateVpcConnection and DeleteVpcConnection operations.

Type: VpcConnectionInfo
Required: False

operationType

Type of the cluster operation.

Type: string
Required: False

endTime

The time at which the operation finished.

Type: string
Required: False

operationSteps

Steps completed during the operation.

Type: Array of type ClusterOperationStep
Required: False

operationArn

ARN of the cluster operation.

Type: string
Required: False

targetClusterInfo

Information about cluster attributes after a cluster is updated.

Type: MutableClusterInfo
Required: False

ClusterOperationStep

Step taken during a cluster operation.

Property	Type	Required	Description
`stepInfo`	ClusterOperationStepInfo	False	Information about the step and its status.
`stepName`	string	False	The name of the step.

stepName

The name of the step.

Type: string
Required: False

stepInfo

Information about the step and its status.

Type: ClusterOperationStepInfo
Required: False

ClusterOperationStepInfo

Information about a step in an operation.

Property	Type	Required	Description
`stepStatus`	string	False	The step's current status.

stepStatus

The step's current status.

Type: string
Required: False

ConfigurationInfo

Specifies the configuration to use for the brokers.

Property Type Required Description

Property	Type	Required	Description
`arn`	string	True	ARN of the configuration to use.
`revision`	integer Format: int64 Minimum: 1	True	The revision of the configuration to use.

arn

string

True

ARN of the configuration to use.

revision

integer

Format: int64

Minimum: 1

True

The revision of the configuration to use.

arn

ARN of the configuration to use.

Type: string
Required: True

revision

The revision of the configuration to use.

Type: integer
Required: True
Format: int64
Minimum: 1

ConnectivityInfo

Broker access controls.

Property Type Required Description

Property	Type	Required	Description
`networkType`	string MinLength: 4 MaxLength: 4	False	The network type of the cluster, which is IPv4 or DUAL. The DUAL network type uses both IPv4 and IPv6 addresses for your cluster and its resources. By default, a cluster uses the IPv4 network type.
`publicAccess`	PublicAccess	False	Access control settings for the cluster's brokers.
`vpcConnectivity`	VpcConnectivity	False	VPC connection control settings for brokers

networkType

string

MinLength: 4

MaxLength: 4

False

The network type of the cluster, which is IPv4 or DUAL. The DUAL network type uses both IPv4 and IPv6 addresses for your cluster and its resources. By default, a cluster uses the IPv4 network type.

publicAccess

PublicAccess

False

Access control settings for the cluster's brokers.

vpcConnectivity

VpcConnectivity

False

VPC connection control settings for brokers

vpcConnectivity

VPC connection control settings for brokers

Type: VpcConnectivity
Required: False

publicAccess

Access control settings for the cluster's brokers.

Type: PublicAccess
Required: False

networkType

The network type of the cluster, which is IPv4 or DUAL. The DUAL network type uses both IPv4 and IPv6 addresses for your cluster and its resources. By default, a cluster uses the IPv4 network type.

Type: string
Required: False
MinLength: 4
MaxLength: 4

EncryptionAtRest

The data-volume encryption details. You can't update encryption at rest settings for existing clusters.

Property	Type	Required	Description
`dataVolumeKMSKeyId`	string	True	The Amazon Resource Name (ARN) of the Amazon KMS key for encrypting data at rest. If you don't specify a KMS key, MSK creates one for you and uses it.

dataVolumeKMSKeyId

The Amazon Resource Name (ARN) of the Amazon KMS key for encrypting data at rest. If you don't specify a KMS key, MSK creates one for you and uses it.

Type: string
Required: True

EncryptionInTransit

The settings for encrypting data in transit.

Property Type Required Description

Property	Type	Required	Description
`clientBroker`	ClientBroker	False	Indicates the encryption setting for data in transit between clients and brokers. You must set it to one of the following values. `TLS` means that client-broker communication is enabled with TLS only. `TLS_PLAINTEXT` means that client-broker communication is enabled for both TLS-encrypted, as well as plaintext data. `PLAINTEXT` means that client-broker communication is enabled in plaintext only. The default value is `TLS`.
`inCluster`	boolean	False	When set to true, it indicates that data communication among the broker nodes of the cluster is encrypted. When set to false, the communication happens in plaintext. The default value is true.

clientBroker

ClientBroker

False

Indicates the encryption setting for data in transit between clients and brokers. You must set it to one of the following values.

TLS means that client-broker communication is enabled with TLS only.

TLS_PLAINTEXT means that client-broker communication is enabled for both TLS-encrypted, as well as plaintext data.

PLAINTEXT means that client-broker communication is enabled in plaintext only.

The default value is TLS.

inCluster

boolean

False

When set to true, it indicates that data communication among the broker nodes of the cluster is encrypted. When set to false, the communication happens in plaintext.

The default value is true.

inCluster

When set to true, it indicates that data communication among the broker nodes of the cluster is encrypted. When set to false, the communication happens in plaintext.

The default value is true.

Type: boolean
Required: False

clientBroker

Indicates the encryption setting for data in transit between clients and brokers. You must set it to one of the following values.

TLS means that client-broker communication is enabled with TLS only.

TLS_PLAINTEXT means that client-broker communication is enabled for both TLS-encrypted, as well as plaintext data.

PLAINTEXT means that client-broker communication is enabled in plaintext only.

The default value is TLS.

Type: ClientBroker
Required: False

EncryptionInfo

Includes encryption-related information, such as the Amazon KMS key used for encrypting data at rest and whether you want MSK to encrypt your data in transit.

Property	Type	Required	Description
`encryptionAtRest`	EncryptionAtRest	False	The data-volume encryption details.
`encryptionInTransit`	EncryptionInTransit	False	The details for encryption in transit.

encryptionInTransit

The details for encryption in transit.

Type: EncryptionInTransit
Required: False

encryptionAtRest

The data-volume encryption details.

Type: EncryptionAtRest
Required: False

EnhancedMonitoring

Specifies which Apache Kafka metrics Amazon MSK gathers and sends to Amazon CloudWatch for this cluster. This property has three possible values: DEFAULT, PER_BROKER, and PER_TOPIC_PER_BROKER. For a list of the metrics associated with each of these three levels of monitoring, see Monitoring.

DEFAULT
PER_BROKER
PER_TOPIC_PER_BROKER
PER_TOPIC_PER_PARTITION

Error

Returns information about an error.

Property	Type	Required	Description
`invalidParameter`	string	False	The parameter that caused the error.
`message`	string	False	The description of the error.

message

The description of the error.

Type: string
Required: False

invalidParameter

The parameter that caused the error.

Type: string
Required: False

ErrorInfo

Returns information about an error state of the cluster.

Property	Type	Required	Description
`errorCode`	string	False	A number describing the error programmatically.
`errorString`	string	False	An optional field to provide more details about the error.

errorString

An optional field to provide more details about the error.

Type: string
Required: False

errorCode

A number describing the error programmatically.

Type: string
Required: False

Firehose

Firehose details for BrokerLogs.

Property	Type	Required	Description
`deliveryStream`	string	False	The Kinesis Data Firehose delivery stream that is the destination for broker logs.
`enabled`	boolean	True	Specifies whether broker logs get sent to the specified Kinesis Data Firehose delivery stream.

deliveryStream

The Kinesis Data Firehose delivery stream that is the destination for broker logs.

Type: string
Required: False

enabled

Specifies whether broker logs get sent to the specified Kinesis Data Firehose delivery stream.

Type: boolean
Required: True

IAM

Details for SASL/IAM client authentication.

Property	Type	Required	Description
`enabled`	boolean	False	SASL/IAM authentication is enabled or not.

enabled

SASL/IAM authentication is enabled or not.

Type: boolean
Required: False

JmxExporter

Indicates whether you want to enable or disable the JMX Exporter.

Property	Type	Required	Description
`enabledInBroker`	boolean	True	Indicates whether you want to enable or disable the JMX Exporter.

enabledInBroker

Indicates whether you want to enable or disable the JMX Exporter.

Type: boolean
Required: True

ListClusterOperationsResponse

The response contains an array containing cluster operation information and a next token if the response is truncated. Displays operations of the type DECREASE_BROKER_COUNT in results list (after a successful broker removal operation).

Property	Type	Required	Description
`clusterOperationInfoList`	Array of type ClusterOperationInfo	False	An array of cluster operation information objects.
`nextToken`	string	False	If the response of ListClusterOperations is truncated, Amazon MSK returns a NextToken in the response. Send this NextToken in your subsequent request to ListClusterOperations.

nextToken

If the response of ListClusterOperations is truncated, Amazon MSK returns a NextToken in the response. Send this NextToken in your subsequent request to ListClusterOperations.

Type: string
Required: False

clusterOperationInfoList

An array of cluster operation information objects.

Type: Array of type ClusterOperationInfo
Required: False

LoggingInfo

You can configure your MSK cluster to send broker logs to different destination types. This is a container for the configuration details related to broker logs.

Property	Type	Required	Description
`brokerLogs`	BrokerLogs	True	You can configure your MSK cluster to send broker logs to different destination types. This configuration specifies the details of these destinations.

brokerLogs

You can configure your MSK cluster to send broker logs to different destination types. This configuration specifies the details of these destinations.

Type: BrokerLogs
Required: True

MutableClusterInfo

Information about cluster attributes that can be updated via update APIs.

Property	Type	Required	Description
`brokerCountUpdateInfo`	BrokerCountUpdateInfo	False	Describes brokers being changed during a broker count update.
`brokerEBSVolumeInfo`	Array of type BrokerEBSVolumeInfo	False	Specifies the size of the EBS volume and the ID of the associated broker.
`clientAuthentication`	ClientAuthentication	False	Client Authentication details.
`configurationInfo`	ConfigurationInfo	False	Information about the changes in the configuration of the brokers.
`connectivityInfo`	ConnectivityInfo	False	Defines the connectivity setting of the cluster.
`encryptionInfo`	EncryptionInfo	False	Encryption details.
`enhancedMonitoring`	EnhancedMonitoring	False	The monitoring level.
`instanceType`	string	False	The broker type.
`kafkaVersion`	string	False	The Apache Kafka version.
`loggingInfo`	LoggingInfo	False	LoggingInfo details.
`numberOfBrokerNodes`	integer	False	The number of broker nodes in the cluster.
`openMonitoring`	OpenMonitoring	False	Open monitoring details.
`rebalancing`	Rebalancing	False	Specifies if intelligent rebalancing is turned on for your cluster. The default intelligent rebalancing status is `ACTIVE` for all new MSK Provisioned clusters that you create with Express brokers.
`storageMode`	StorageMode	False	This controls storage mode for supported storage tiers.

encryptionInfo

Encryption details.

Type: EncryptionInfo
Required: False

configurationInfo

Information about the changes in the configuration of the brokers.

Type: ConfigurationInfo
Required: False

brokerCountUpdateInfo

Describes brokers being changed during a broker count update.

Type: BrokerCountUpdateInfo
Required: False

instanceType

The broker type.

Type: string
Required: False

loggingInfo

LoggingInfo details.

Type: LoggingInfo
Required: False

brokerEBSVolumeInfo

Specifies the size of the EBS volume and the ID of the associated broker.

Type: Array of type BrokerEBSVolumeInfo
Required: False

numberOfBrokerNodes

The number of broker nodes in the cluster.

Type: integer
Required: False

enhancedMonitoring

The monitoring level.

Type: EnhancedMonitoring
Required: False

storageMode

This controls storage mode for supported storage tiers.

Type: StorageMode
Required: False

kafkaVersion

The Apache Kafka version.

Type: string
Required: False

connectivityInfo

Defines the connectivity setting of the cluster.

Type: ConnectivityInfo
Required: False

clientAuthentication

Client Authentication details.

Type: ClientAuthentication
Required: False

openMonitoring

Open monitoring details.

Type: OpenMonitoring
Required: False

rebalancing

Specifies if intelligent rebalancing is turned on for your cluster. The default intelligent rebalancing status is ACTIVE for all new MSK Provisioned clusters that you create with Express brokers.

Type: Rebalancing
Required: False

NodeExporter

Indicates whether you want to enable or disable the Node Exporter.

Property	Type	Required	Description
`enabledInBroker`	boolean	True	Indicates whether you want to enable or disable the Node Exporter.

enabledInBroker

Indicates whether you want to enable or disable the Node Exporter.

Type: boolean
Required: True

OpenMonitoring

JMX and Node monitoring for the MSK cluster.

Property	Type	Required	Description
`prometheus`	Prometheus	True	Prometheus exporter settings.

prometheus

Prometheus exporter settings.

Type: Prometheus
Required: True

Prometheus

Prometheus settings for open monitoring.

Property	Type	Required	Description
`jmxExporter`	JmxExporter	False	Indicates whether you want to enable or disable the JMX Exporter.
`nodeExporter`	NodeExporter	False	Indicates whether you want to enable or disable the Node Exporter.

nodeExporter

Indicates whether you want to enable or disable the Node Exporter.

Type: NodeExporter
Required: False

jmxExporter

Indicates whether you want to enable or disable the JMX Exporter.

Type: JmxExporter
Required: False

ProvisionedThroughput

Contains information about provisioned throughput for EBS storage volumes attached to kafka broker nodes.

Property	Type	Required	Description
`enabled`	boolean	False	Provisioned throughput is enabled or not.
`volumeThroughput`	integer	False	Throughput value of the EBS volumes for the data drive on each kafka broker node in MiB per second.

volumeThroughput

Throughput value of the EBS volumes for the data drive on each kafka broker node in MiB per second.

Type: integer
Required: False

enabled

Provisioned throughput is enabled or not.

Type: boolean
Required: False

PublicAccess

Broker access controls

Property	Type	Required	Description
`type`	string	False	DISABLED means that public access is turned off. SERVICE_PROVIDED_EIPS means that public access is turned on.

type

DISABLED means that public access is turned off. SERVICE_PROVIDED_EIPS means that public access is turned on.

Type: string
Required: False

Rebalancing

Specifies whether or not intelligent rebalancing is turned on for a newly created MSK Provisioned cluster with Express brokers. Intelligent rebalancing performs automatic partition balancing operations when you scale your clusters up or down.

By default, intelligent rebalancing is ACTIVE for all new Express-based clusters.

Property	Type	Required	Description
`status`	RebalancingStatus	True	Intelligent rebalancing status. The default intelligent rebalancing status is `ACTIVE` for all new Express-based clusters.

status

Intelligent rebalancing status. The default intelligent rebalancing status is ACTIVE for all new Express-based clusters.

Type: RebalancingStatus
Required: True

RebalancingStatus

Intelligent rebalancing status. The default intelligent rebalancing status is ACTIVE for all new Express-based clusters.

PAUSED
ACTIVE

S3

The details of the Amazon S3 destination for broker logs.

Property	Type	Required	Description
`bucket`	string	False	The name of the S3 bucket that is the destination for broker logs.
`enabled`	boolean	True	Specifies whether broker logs get sent to the specified Amazon S3 destination.
`prefix`	string	False	The S3 prefix that is the destination for broker logs.

bucket

The name of the S3 bucket that is the destination for broker logs.

Type: string
Required: False

prefix

The S3 prefix that is the destination for broker logs.

Type: string
Required: False

enabled

Specifies whether broker logs get sent to the specified Amazon S3 destination.

Type: boolean
Required: True

Sasl

Property	Type	Required	Description
`iam`	IAM	False	Details for ClientAuthentication using IAM.
`scram`	Scram	False	Details for SASL/SCRAM client authentication.

iam

Details for ClientAuthentication using IAM.

Type: IAM
Required: False

scram

Details for SASL/SCRAM client authentication.

Type: Scram
Required: False

Scram

Details for SASL/SCRAM client authentication.

Property	Type	Required	Description
`enabled`	boolean	False	SASL/SCRAM authentication is enabled or not.

enabled

SASL/SCRAM authentication is enabled or not.

Type: boolean
Required: False

StorageMode

Controls storage mode for various supported storage tiers.

LOCAL
TIERED

Tls

Details for client authentication using TLS.

Property	Type	Required	Description
`certificateAuthorityArnList`	Array of type string	False	List of Amazon Private CA Amazon Resource Name (ARN)s.
`enabled`	boolean	False	TLS authentication is enabled or not.

certificateAuthorityArnList

List of Amazon Private CA Amazon Resource Name (ARN)s.

Type: Array of type string
Required: False

enabled

TLS authentication is enabled or not.

Type: boolean
Required: False

Unauthenticated

Details for allowing no client authentication.

Property	Type	Required	Description
`enabled`	boolean	False	Unauthenticated is enabled or not.

enabled

Unauthenticated is enabled or not.

Type: boolean
Required: False

UserIdentity

Description of the requester that calls the API operation.

Property	Type	Required	Description
`principalId`	string	False	A unique identifier for the requester that calls the API operation.
`type`	UserIdentityType	False	The identity type of the requester that calls the API operation.

principalId

A unique identifier for the requester that calls the API operation.

Type: string
Required: False

type

The identity type of the requester that calls the API operation.

Type: UserIdentityType
Required: False

UserIdentityType

The identity type of the requester that calls the API operation.

AWSAccount
AWSService

VpcConnectionInfo

Description of the VPC connection.

Property	Type	Required	Description
`creationTime`	string	False	The time when Amazon MSK creates the VPC Connnection.
`owner`	string	False	The owner of the VPC Connection.
`userIdentity`	UserIdentity	False	Description of the requester that calls the API operation.
`vpcConnectionArn`	string	False	The Amazon Resource Name (ARN) of the VPC connection.

owner

The owner of the VPC Connection.

Type: string
Required: False

vpcConnectionArn

The Amazon Resource Name (ARN) of the VPC connection.

Type: string
Required: False

creationTime

The time when Amazon MSK creates the VPC Connnection.

Type: string
Required: False

userIdentity

Description of the requester that calls the API operation.

Type: UserIdentity
Required: False

VpcConnectivity

VPC connection control settings for brokers.

Property	Type	Required	Description
`clientAuthentication`	VpcConnectivityClientAuthentication	False	VPC connection control settings for brokers.

clientAuthentication

VPC connection control settings for brokers.

Type: VpcConnectivityClientAuthentication
Required: False

VpcConnectivityClientAuthentication

Includes all client authentication information for VpcConnectivity.

Property	Type	Required	Description
`sasl`	VpcConnectivitySasl	False	Details for VpcConnectivity ClientAuthentication using SASL.
`tls`	VpcConnectivityTls	False	Details for VpcConnectivity ClientAuthentication using TLS.

sasl

Details for VpcConnectivity ClientAuthentication using SASL.

Type: VpcConnectivitySasl
Required: False

tls

Details for VpcConnectivity ClientAuthentication using TLS.

Type: VpcConnectivityTls
Required: False

VpcConnectivityIAM

Details for SASL/IAM client authentication for VpcConnectivity.

Property	Type	Required	Description
`enabled`	boolean	False	SASL/IAM authentication is enabled or not.

enabled

SASL/IAM authentication is enabled or not.

Type: boolean
Required: False

VpcConnectivitySasl

Details for client authentication using SASL for VpcConnectivity.

Property	Type	Required	Description
`iam`	VpcConnectivityIAM	False	Details for ClientAuthentication using IAM for VpcConnectivity.
`scram`	VpcConnectivityScram	False	Details for SASL/SCRAM client authentication for VpcConnectivity.

iam

Details for ClientAuthentication using IAM for VpcConnectivity.

Type: VpcConnectivityIAM
Required: False

scram

Details for SASL/SCRAM client authentication for VpcConnectivity.

Type: VpcConnectivityScram
Required: False

VpcConnectivityScram

Details for SASL/SCRAM client authentication for vpcConnectivity.

Property	Type	Required	Description
`enabled`	boolean	False	SASL/SCRAM authentication is enabled or not.

enabled

SASL/SCRAM authentication is enabled or not.

Type: boolean
Required: False

VpcConnectivityTls

Details for client authentication using TLS for vpcConnectivity.

Property	Type	Required	Description
`enabled`	boolean	False	TLS authentication is enabled or not.

enabled

TLS authentication is enabled or not.

Type: boolean
Required: False

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Cluster Operation

Cluster Security