This is the new *CloudFormation Template Reference Guide*. Please update your bookmarks and links. For help getting started with CloudFormation, see the [AWS CloudFormation User Guide](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/Welcome.html). # AWS::MSK::Cluster Creates a new MSK cluster. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "Type" : "AWS::MSK::Cluster", "Properties" : { "[BrokerNodeGroupInfo](#cfn-msk-cluster-brokernodegroupinfo)" : BrokerNodeGroupInfo, "[ClientAuthentication](#cfn-msk-cluster-clientauthentication)" : ClientAuthentication, "[ClusterName](#cfn-msk-cluster-clustername)" : String, "[ConfigurationInfo](#cfn-msk-cluster-configurationinfo)" : ConfigurationInfo, "[EncryptionInfo](#cfn-msk-cluster-encryptioninfo)" : EncryptionInfo, "[EnhancedMonitoring](#cfn-msk-cluster-enhancedmonitoring)" : String, "[KafkaVersion](#cfn-msk-cluster-kafkaversion)" : String, "[LoggingInfo](#cfn-msk-cluster-logginginfo)" : LoggingInfo, "[NumberOfBrokerNodes](#cfn-msk-cluster-numberofbrokernodes)" : Integer, "[OpenMonitoring](#cfn-msk-cluster-openmonitoring)" : OpenMonitoring, "[Rebalancing](#cfn-msk-cluster-rebalancing)" : Rebalancing, "[StorageMode](#cfn-msk-cluster-storagemode)" : String, "[Tags](#cfn-msk-cluster-tags)" : {Key: Value, ...} } } ``` ### YAML ``` Type: AWS::MSK::Cluster Properties: [BrokerNodeGroupInfo](#cfn-msk-cluster-brokernodegroupinfo): BrokerNodeGroupInfo [ClientAuthentication](#cfn-msk-cluster-clientauthentication): ClientAuthentication [ClusterName](#cfn-msk-cluster-clustername): String [ConfigurationInfo](#cfn-msk-cluster-configurationinfo): ConfigurationInfo [EncryptionInfo](#cfn-msk-cluster-encryptioninfo): EncryptionInfo [EnhancedMonitoring](#cfn-msk-cluster-enhancedmonitoring): String [KafkaVersion](#cfn-msk-cluster-kafkaversion): String [LoggingInfo](#cfn-msk-cluster-logginginfo): LoggingInfo [NumberOfBrokerNodes](#cfn-msk-cluster-numberofbrokernodes): Integer [OpenMonitoring](#cfn-msk-cluster-openmonitoring): OpenMonitoring [Rebalancing](#cfn-msk-cluster-rebalancing): Rebalancing [StorageMode](#cfn-msk-cluster-storagemode): String [Tags](#cfn-msk-cluster-tags): Key: Value ``` ## Properties `BrokerNodeGroupInfo` Information about the broker nodes in the cluster. *Required*: Yes *Type*: [BrokerNodeGroupInfo](aws-properties-msk-cluster-brokernodegroupinfo.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `ClientAuthentication` Includes all client authentication related information. *Required*: No *Type*: [ClientAuthentication](aws-properties-msk-cluster-clientauthentication.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `ClusterName` The name of the cluster. *Required*: Yes *Type*: String *Minimum*: `1` *Maximum*: `64` *Update requires*: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) `ConfigurationInfo` Represents the configuration that you want MSK to use for the cluster. *Required*: No *Type*: [ConfigurationInfo](aws-properties-msk-cluster-configurationinfo.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `EncryptionInfo` Includes all encryption-related information. *Required*: No *Type*: [EncryptionInfo](aws-properties-msk-cluster-encryptioninfo.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `EnhancedMonitoring` Specifies the level of monitoring for the MSK cluster. *Required*: No *Type*: String *Allowed values*: `DEFAULT | PER_BROKER | PER_TOPIC_PER_BROKER | PER_TOPIC_PER_PARTITION` *Minimum*: `7` *Maximum*: `23` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `KafkaVersion` The version of Apache Kafka. You can use Amazon MSK to create clusters that use [supported Apache Kafka versions](https://docs.aws.amazon.com/msk/latest/developerguide/supported-kafka-versions.html). *Required*: Yes *Type*: String *Minimum*: `1` *Maximum*: `128` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `LoggingInfo` Logging info details for the cluster. *Required*: No *Type*: [LoggingInfo](aws-properties-msk-cluster-logginginfo.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `NumberOfBrokerNodes` The number of broker nodes in the cluster. *Required*: Yes *Type*: Integer *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `OpenMonitoring` The settings for open monitoring. *Required*: No *Type*: [OpenMonitoring](aws-properties-msk-cluster-openmonitoring.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Rebalancing` Property description not available. *Required*: No *Type*: [Rebalancing](aws-properties-msk-cluster-rebalancing.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `StorageMode` This controls storage mode for supported storage tiers. *Required*: No *Type*: String *Allowed values*: `LOCAL | TIERED` *Minimum*: `5` *Maximum*: `6` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Tags` An arbitrary set of tags (key-value pairs) for the cluster. *Required*: No *Type*: Object of String *Pattern*: `^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) ## Return values ### Ref When you provide the logical ID of this resource to the `Ref` intrinsic function, `Ref` returns the ARN of the created MSK cluster. For example, `arn:aws:kafka:us-east-1:123456789012:cluster/myCluster/abcd1234-abcd-dcba-4321-a1b2abcd9f9f-2`. ### Fn::GetAtt `Fn::GetAtt` returns a value for a specified attribute of this type. The following are the available attributes and sample return values. #### `Arn` The Amazon Resource Name (ARN) of the MSK cluster. `CurrentVersion` Property description not available. # AWS::MSK::Cluster BrokerLogs The broker logs configuration for this MSK cluster. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[CloudWatchLogs](#cfn-msk-cluster-brokerlogs-cloudwatchlogs)" : CloudWatchLogs, "[Firehose](#cfn-msk-cluster-brokerlogs-firehose)" : Firehose, "[S3](#cfn-msk-cluster-brokerlogs-s3)" : S3 } ``` ### YAML ``` [CloudWatchLogs](#cfn-msk-cluster-brokerlogs-cloudwatchlogs): CloudWatchLogs [Firehose](#cfn-msk-cluster-brokerlogs-firehose): Firehose [S3](#cfn-msk-cluster-brokerlogs-s3): S3 ``` ## Properties `CloudWatchLogs` Property description not available. *Required*: No *Type*: [CloudWatchLogs](aws-properties-msk-cluster-cloudwatchlogs.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Firehose` Details of the Kinesis Data Firehose delivery stream that is the destination for broker logs. *Required*: No *Type*: [Firehose](aws-properties-msk-cluster-firehose.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `S3` Details of the Amazon S3 destination for broker logs. *Required*: No *Type*: [S3](aws-properties-msk-cluster-s3.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster BrokerNodeGroupInfo Describes the setup to be used for the broker nodes in the cluster. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[BrokerAZDistribution](#cfn-msk-cluster-brokernodegroupinfo-brokerazdistribution)" : String, "[ClientSubnets](#cfn-msk-cluster-brokernodegroupinfo-clientsubnets)" : [ String, ... ], "[ConnectivityInfo](#cfn-msk-cluster-brokernodegroupinfo-connectivityinfo)" : ConnectivityInfo, "[InstanceType](#cfn-msk-cluster-brokernodegroupinfo-instancetype)" : String, "[SecurityGroups](#cfn-msk-cluster-brokernodegroupinfo-securitygroups)" : [ String, ... ], "[StorageInfo](#cfn-msk-cluster-brokernodegroupinfo-storageinfo)" : StorageInfo } ``` ### YAML ``` [BrokerAZDistribution](#cfn-msk-cluster-brokernodegroupinfo-brokerazdistribution): String [ClientSubnets](#cfn-msk-cluster-brokernodegroupinfo-clientsubnets): - String [ConnectivityInfo](#cfn-msk-cluster-brokernodegroupinfo-connectivityinfo): ConnectivityInfo [InstanceType](#cfn-msk-cluster-brokernodegroupinfo-instancetype): String [SecurityGroups](#cfn-msk-cluster-brokernodegroupinfo-securitygroups): - String [StorageInfo](#cfn-msk-cluster-brokernodegroupinfo-storageinfo): StorageInfo ``` ## Properties `BrokerAZDistribution` This parameter is currently not in use. *Required*: No *Type*: String *Minimum*: `6` *Maximum*: `9` *Update requires*: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) `ClientSubnets` The list of subnets to connect to in the client virtual private cloud (VPC). Amazon creates elastic network interfaces (ENIs) inside these subnets. Client applications use ENIs to produce and consume data. If you use the US West (N. California) Region, specify exactly two subnets. For other Regions where Amazon MSK is available, you can specify either two or three subnets. The subnets that you specify must be in distinct Availability Zones. When you create a cluster, Amazon MSK distributes the broker nodes evenly across the subnets that you specify. Client subnets can't occupy the Availability Zone with ID `use1-az3`. *Required*: Yes *Type*: Array of String *Update requires*: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) `ConnectivityInfo` Information about the cluster's connectivity setting. *Required*: No *Type*: [ConnectivityInfo](aws-properties-msk-cluster-connectivityinfo.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `InstanceType` The type of Amazon EC2 instances to use for brokers. Depending on the [broker type](https://docs.aws.amazon.com/msk/latest/developerguide/broker-instance-types.html), Amazon MSK supports the following broker sizes: **Standard broker sizes** + kafka.t3.small **Note** You can't select the kafka.t3.small instance type when the metadata mode is KRaft. + kafka.m5.large, kafka.m5.xlarge, kafka.m5.2xlarge, kafka.m5.4xlarge, kafka.m5.8xlarge, kafka.m5.12xlarge, kafka.m5.16xlarge, kafka.m5.24xlarge + kafka.m7g.large, kafka.m7g.xlarge, kafka.m7g.2xlarge, kafka.m7g.4xlarge, kafka.m7g.8xlarge, kafka.m7g.12xlarge, kafka.m7g.16xlarge **Express broker sizes** + express.m7g.large, express.m7g.xlarge, express.m7g.2xlarge, express.m7g.4xlarge, express.m7g.8xlarge, express.m7g.12xlarge, express.m7g.16xlarge Some broker sizes might not be available in certian AWS Regions. See the updated [Pricing tools](https://aws.amazon.com/msk/pricing/) section on the Amazon MSK pricing page for the latest list of available instances by Region. *Required*: Yes *Type*: String *Minimum*: `5` *Maximum*: `32` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `SecurityGroups` The security groups to associate with the ENIs in order to specify who can connect to and communicate with the Amazon MSK cluster. If you don't specify a security group, Amazon MSK uses the default security group associated with the VPC. If you specify security groups that were shared with you, you must ensure that you have permissions to them. Specifically, you need the `ec2:DescribeSecurityGroups` permission. *Required*: No *Type*: Array of String *Update requires*: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) `StorageInfo` Contains information about storage volumes attached to Amazon MSK broker nodes. *Required*: No *Type*: [StorageInfo](aws-properties-msk-cluster-storageinfo.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster ClientAuthentication The `ClientAuthentication` property type specifies Property description not available. for an [AWS::MSK::Cluster](aws-resource-msk-cluster.md). ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[Sasl](#cfn-msk-cluster-clientauthentication-sasl)" : Sasl, "[Tls](#cfn-msk-cluster-clientauthentication-tls)" : Tls, "[Unauthenticated](#cfn-msk-cluster-clientauthentication-unauthenticated)" : Unauthenticated } ``` ### YAML ``` [Sasl](#cfn-msk-cluster-clientauthentication-sasl): Sasl [Tls](#cfn-msk-cluster-clientauthentication-tls): Tls [Unauthenticated](#cfn-msk-cluster-clientauthentication-unauthenticated): Unauthenticated ``` ## Properties `Sasl` Details for client authentication using SASL. To turn on SASL, you must also turn on `EncryptionInTransit` by setting `inCluster` to true. You must set `clientBroker` to either `TLS` or `TLS_PLAINTEXT`. If you choose `TLS_PLAINTEXT`, then you must also set `unauthenticated` to true. *Required*: No *Type*: [Sasl](aws-properties-msk-cluster-sasl.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Tls` Details for ClientAuthentication using TLS. To turn on TLS access control, you must also turn on `EncryptionInTransit` by setting `inCluster` to true and `clientBroker` to `TLS`. *Required*: No *Type*: [Tls](aws-properties-msk-cluster-tls.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Unauthenticated` Details for ClientAuthentication using no authentication. *Required*: No *Type*: [Unauthenticated](aws-properties-msk-cluster-unauthenticated.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster CloudWatchLogs Details of the CloudWatch Logs destination for broker logs. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[Enabled](#cfn-msk-cluster-cloudwatchlogs-enabled)" : Boolean, "[LogGroup](#cfn-msk-cluster-cloudwatchlogs-loggroup)" : String } ``` ### YAML ``` [Enabled](#cfn-msk-cluster-cloudwatchlogs-enabled): Boolean [LogGroup](#cfn-msk-cluster-cloudwatchlogs-loggroup): String ``` ## Properties `Enabled` Specifies whether broker logs get sent to the specified CloudWatch Logs destination. *Required*: Yes *Type*: Boolean *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `LogGroup` The CloudWatch log group that is the destination for broker logs. *Required*: No *Type*: String *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster ConfigurationInfo Specifies the configuration to use for the brokers. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[Arn](#cfn-msk-cluster-configurationinfo-arn)" : String, "[Revision](#cfn-msk-cluster-configurationinfo-revision)" : Integer } ``` ### YAML ``` [Arn](#cfn-msk-cluster-configurationinfo-arn): String [Revision](#cfn-msk-cluster-configurationinfo-revision): Integer ``` ## Properties `Arn` ARN of the configuration to use. *Required*: Yes *Type*: String *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Revision` The revision of the configuration to use. *Required*: Yes *Type*: Integer *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster ConnectivityInfo Broker access controls. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[NetworkType](#cfn-msk-cluster-connectivityinfo-networktype)" : String, "[PublicAccess](#cfn-msk-cluster-connectivityinfo-publicaccess)" : PublicAccess, "[VpcConnectivity](#cfn-msk-cluster-connectivityinfo-vpcconnectivity)" : VpcConnectivity } ``` ### YAML ``` [NetworkType](#cfn-msk-cluster-connectivityinfo-networktype): String [PublicAccess](#cfn-msk-cluster-connectivityinfo-publicaccess): PublicAccess [VpcConnectivity](#cfn-msk-cluster-connectivityinfo-vpcconnectivity): VpcConnectivity ``` ## Properties `NetworkType` Property description not available. *Required*: No *Type*: String *Allowed values*: `IPV4 | DUAL` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `PublicAccess` Access control settings for the cluster's brokers. *Required*: No *Type*: [PublicAccess](aws-properties-msk-cluster-publicaccess.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `VpcConnectivity` VPC connection control settings for brokers. *Required*: No *Type*: [VpcConnectivity](aws-properties-msk-cluster-vpcconnectivity.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster EBSStorageInfo Contains information about the EBS storage volumes attached to the broker nodes. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[ProvisionedThroughput](#cfn-msk-cluster-ebsstorageinfo-provisionedthroughput)" : ProvisionedThroughput, "[VolumeSize](#cfn-msk-cluster-ebsstorageinfo-volumesize)" : Integer } ``` ### YAML ``` [ProvisionedThroughput](#cfn-msk-cluster-ebsstorageinfo-provisionedthroughput): ProvisionedThroughput [VolumeSize](#cfn-msk-cluster-ebsstorageinfo-volumesize): Integer ``` ## Properties `ProvisionedThroughput` EBS volume provisioned throughput information. *Required*: No *Type*: [ProvisionedThroughput](aws-properties-msk-cluster-provisionedthroughput.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `VolumeSize` The size in GiB of the EBS volume for the data drive on each broker node. *Required*: No *Type*: Integer *Minimum*: `1` *Maximum*: `16384` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster EncryptionAtRest The data-volume encryption details. You can't update encryption at rest settings for existing clusters. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[DataVolumeKMSKeyId](#cfn-msk-cluster-encryptionatrest-datavolumekmskeyid)" : String } ``` ### YAML ``` [DataVolumeKMSKeyId](#cfn-msk-cluster-encryptionatrest-datavolumekmskeyid): String ``` ## Properties `DataVolumeKMSKeyId` The ARN of the Amazon KMS key for encrypting data at rest. If you don't specify a KMS key, MSK creates one for you and uses it. *Required*: Yes *Type*: String *Update requires*: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) # AWS::MSK::Cluster EncryptionInfo Includes encryption-related information, such as the Amazon KMS key used for encrypting data at rest and whether you want MSK to encrypt your data in transit. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[EncryptionAtRest](#cfn-msk-cluster-encryptioninfo-encryptionatrest)" : EncryptionAtRest, "[EncryptionInTransit](#cfn-msk-cluster-encryptioninfo-encryptionintransit)" : EncryptionInTransit } ``` ### YAML ``` [EncryptionAtRest](#cfn-msk-cluster-encryptioninfo-encryptionatrest): EncryptionAtRest [EncryptionInTransit](#cfn-msk-cluster-encryptioninfo-encryptionintransit): EncryptionInTransit ``` ## Properties `EncryptionAtRest` The data-volume encryption details. *Required*: No *Type*: [EncryptionAtRest](aws-properties-msk-cluster-encryptionatrest.md) *Update requires*: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) `EncryptionInTransit` The details for encryption in transit. *Required*: No *Type*: [EncryptionInTransit](aws-properties-msk-cluster-encryptionintransit.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster EncryptionInTransit The settings for encrypting data in transit. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[ClientBroker](#cfn-msk-cluster-encryptionintransit-clientbroker)" : String, "[InCluster](#cfn-msk-cluster-encryptionintransit-incluster)" : Boolean } ``` ### YAML ``` [ClientBroker](#cfn-msk-cluster-encryptionintransit-clientbroker): String [InCluster](#cfn-msk-cluster-encryptionintransit-incluster): Boolean ``` ## Properties `ClientBroker` Indicates the encryption setting for data in transit between clients and brokers. You must set it to one of the following values. + `TLS`: Indicates that client-broker communication is enabled with TLS only. + `TLS_PLAINTEXT`: Indicates that client-broker communication is enabled for both TLS-encrypted, as well as plaintext data. + `PLAINTEXT`: Indicates that client-broker communication is enabled in plaintext only. The default value is `TLS`. *Required*: No *Type*: String *Allowed values*: `TLS | TLS_PLAINTEXT | PLAINTEXT` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `InCluster` When set to true, it indicates that data communication among the broker nodes of the cluster is encrypted. When set to false, the communication happens in plaintext. The default value is true. *Required*: No *Type*: Boolean *Update requires*: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) # AWS::MSK::Cluster Firehose Firehose details for BrokerLogs. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[DeliveryStream](#cfn-msk-cluster-firehose-deliverystream)" : String, "[Enabled](#cfn-msk-cluster-firehose-enabled)" : Boolean } ``` ### YAML ``` [DeliveryStream](#cfn-msk-cluster-firehose-deliverystream): String [Enabled](#cfn-msk-cluster-firehose-enabled): Boolean ``` ## Properties `DeliveryStream` The Kinesis Data Firehose delivery stream that is the destination for broker logs. *Required*: No *Type*: String *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Enabled` Specifies whether broker logs get send to the specified Kinesis Data Firehose delivery stream. *Required*: Yes *Type*: Boolean *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster Iam Details for SASL/IAM client authentication. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[Enabled](#cfn-msk-cluster-iam-enabled)" : Boolean } ``` ### YAML ``` [Enabled](#cfn-msk-cluster-iam-enabled): Boolean ``` ## Properties `Enabled` SASL/IAM authentication is enabled or not. *Required*: Yes *Type*: Boolean *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster JmxExporter Indicates whether you want to enable or disable the JMX Exporter. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[EnabledInBroker](#cfn-msk-cluster-jmxexporter-enabledinbroker)" : Boolean } ``` ### YAML ``` [EnabledInBroker](#cfn-msk-cluster-jmxexporter-enabledinbroker): Boolean ``` ## Properties `EnabledInBroker` Indicates whether you want to enable or disable the JMX Exporter. *Required*: Yes *Type*: Boolean *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster LoggingInfo You can configure your MSK cluster to send broker logs to different destination types. This is a container for the configuration details related to broker logs. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[BrokerLogs](#cfn-msk-cluster-logginginfo-brokerlogs)" : BrokerLogs } ``` ### YAML ``` [BrokerLogs](#cfn-msk-cluster-logginginfo-brokerlogs): BrokerLogs ``` ## Properties `BrokerLogs` You can configure your MSK cluster to send broker logs to different destination types. This configuration specifies the details of these destinations. *Required*: Yes *Type*: [BrokerLogs](aws-properties-msk-cluster-brokerlogs.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster NodeExporter Indicates whether you want to enable or disable the Node Exporter. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[EnabledInBroker](#cfn-msk-cluster-nodeexporter-enabledinbroker)" : Boolean } ``` ### YAML ``` [EnabledInBroker](#cfn-msk-cluster-nodeexporter-enabledinbroker): Boolean ``` ## Properties `EnabledInBroker` Indicates whether you want to enable or disable the Node Exporter. *Required*: Yes *Type*: Boolean *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster OpenMonitoring JMX and Node monitoring for the MSK cluster. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[Prometheus](#cfn-msk-cluster-openmonitoring-prometheus)" : Prometheus } ``` ### YAML ``` [Prometheus](#cfn-msk-cluster-openmonitoring-prometheus): Prometheus ``` ## Properties `Prometheus` Prometheus exporter settings. *Required*: Yes *Type*: [Prometheus](aws-properties-msk-cluster-prometheus.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster Prometheus Prometheus settings for open monitoring. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[JmxExporter](#cfn-msk-cluster-prometheus-jmxexporter)" : JmxExporter, "[NodeExporter](#cfn-msk-cluster-prometheus-nodeexporter)" : NodeExporter } ``` ### YAML ``` [JmxExporter](#cfn-msk-cluster-prometheus-jmxexporter): JmxExporter [NodeExporter](#cfn-msk-cluster-prometheus-nodeexporter): NodeExporter ``` ## Properties `JmxExporter` Indicates whether you want to enable or disable the JMX Exporter. *Required*: No *Type*: [JmxExporter](aws-properties-msk-cluster-jmxexporter.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `NodeExporter` Indicates whether you want to enable or disable the Node Exporter. *Required*: No *Type*: [NodeExporter](aws-properties-msk-cluster-nodeexporter.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster ProvisionedThroughput Contains information about provisioned throughput for EBS storage volumes attached to kafka broker nodes. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[Enabled](#cfn-msk-cluster-provisionedthroughput-enabled)" : Boolean, "[VolumeThroughput](#cfn-msk-cluster-provisionedthroughput-volumethroughput)" : Integer } ``` ### YAML ``` [Enabled](#cfn-msk-cluster-provisionedthroughput-enabled): Boolean [VolumeThroughput](#cfn-msk-cluster-provisionedthroughput-volumethroughput): Integer ``` ## Properties `Enabled` Provisioned throughput is on or off. *Required*: No *Type*: Boolean *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `VolumeThroughput` Throughput value of the EBS volumes for the data drive on each kafka broker node in MiB per second. *Required*: No *Type*: Integer *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster PublicAccess Broker access controls ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[Type](#cfn-msk-cluster-publicaccess-type)" : String } ``` ### YAML ``` [Type](#cfn-msk-cluster-publicaccess-type): String ``` ## Properties `Type` DISABLED means that public access is turned off. SERVICE\$1PROVIDED\$1EIPS means that public access is turned on. *Required*: No *Type*: String *Minimum*: `7` *Maximum*: `23` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster Rebalancing The `Rebalancing` property type specifies Property description not available. for an [AWS::MSK::Cluster](aws-resource-msk-cluster.md). ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[Status](#cfn-msk-cluster-rebalancing-status)" : String } ``` ### YAML ``` [Status](#cfn-msk-cluster-rebalancing-status): String ``` ## Properties `Status` Property description not available. *Required*: Yes *Type*: String *Allowed values*: `PAUSED | ACTIVE` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster S3 The details of the Amazon S3 destination for broker logs. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[Bucket](#cfn-msk-cluster-s3-bucket)" : String, "[Enabled](#cfn-msk-cluster-s3-enabled)" : Boolean, "[Prefix](#cfn-msk-cluster-s3-prefix)" : String } ``` ### YAML ``` [Bucket](#cfn-msk-cluster-s3-bucket): String [Enabled](#cfn-msk-cluster-s3-enabled): Boolean [Prefix](#cfn-msk-cluster-s3-prefix): String ``` ## Properties `Bucket` The name of the S3 bucket that is the destination for broker logs. *Required*: No *Type*: String *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Enabled` Specifies whether broker logs get sent to the specified Amazon S3 destination. *Required*: Yes *Type*: Boolean *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Prefix` The S3 prefix that is the destination for broker logs. *Required*: No *Type*: String *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster Sasl Details for client authentication using SASL. To turn on SASL, you must also turn on `EncryptionInTransit` by setting `inCluster` to true. You must set `clientBroker` to either `TLS` or `TLS_PLAINTEXT`. If you choose `TLS_PLAINTEXT`, then you must also set `unauthenticated` to true. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[Iam](#cfn-msk-cluster-sasl-iam)" : Iam, "[Scram](#cfn-msk-cluster-sasl-scram)" : Scram } ``` ### YAML ``` [Iam](#cfn-msk-cluster-sasl-iam): Iam [Scram](#cfn-msk-cluster-sasl-scram): Scram ``` ## Properties `Iam` Details for ClientAuthentication using IAM. *Required*: No *Type*: [Iam](aws-properties-msk-cluster-iam.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Scram` Details for SASL/SCRAM client authentication. *Required*: No *Type*: [Scram](aws-properties-msk-cluster-scram.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster Scram Details for SASL/SCRAM client authentication. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[Enabled](#cfn-msk-cluster-scram-enabled)" : Boolean } ``` ### YAML ``` [Enabled](#cfn-msk-cluster-scram-enabled): Boolean ``` ## Properties `Enabled` SASL/SCRAM authentication is enabled or not. *Required*: Yes *Type*: Boolean *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster StorageInfo Contains information about storage volumes attached to Amazon MSK broker nodes. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[EBSStorageInfo](#cfn-msk-cluster-storageinfo-ebsstorageinfo)" : EBSStorageInfo } ``` ### YAML ``` [EBSStorageInfo](#cfn-msk-cluster-storageinfo-ebsstorageinfo): EBSStorageInfo ``` ## Properties `EBSStorageInfo` EBS volume information. *Required*: No *Type*: [EBSStorageInfo](aws-properties-msk-cluster-ebsstorageinfo.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster Tls Details for client authentication using TLS. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[CertificateAuthorityArnList](#cfn-msk-cluster-tls-certificateauthorityarnlist)" : [ String, ... ], "[Enabled](#cfn-msk-cluster-tls-enabled)" : Boolean } ``` ### YAML ``` [CertificateAuthorityArnList](#cfn-msk-cluster-tls-certificateauthorityarnlist): - String [Enabled](#cfn-msk-cluster-tls-enabled): Boolean ``` ## Properties `CertificateAuthorityArnList` List of AWS Private CA ARNs. *Required*: No *Type*: Array of String *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Enabled` TLS authentication is enabled or not. *Required*: No *Type*: Boolean *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster Unauthenticated Details for allowing no client authentication. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[Enabled](#cfn-msk-cluster-unauthenticated-enabled)" : Boolean } ``` ### YAML ``` [Enabled](#cfn-msk-cluster-unauthenticated-enabled): Boolean ``` ## Properties `Enabled` Unauthenticated is enabled or not. *Required*: Yes *Type*: Boolean *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster VpcConnectivity VPC connection control settings for brokers. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[ClientAuthentication](#cfn-msk-cluster-vpcconnectivity-clientauthentication)" : VpcConnectivityClientAuthentication } ``` ### YAML ``` [ClientAuthentication](#cfn-msk-cluster-vpcconnectivity-clientauthentication): VpcConnectivityClientAuthentication ``` ## Properties `ClientAuthentication` VPC connection control settings for brokers. *Required*: No *Type*: [VpcConnectivityClientAuthentication](aws-properties-msk-cluster-vpcconnectivityclientauthentication.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster VpcConnectivityClientAuthentication Includes all client authentication information for VpcConnectivity. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[Sasl](#cfn-msk-cluster-vpcconnectivityclientauthentication-sasl)" : VpcConnectivitySasl, "[Tls](#cfn-msk-cluster-vpcconnectivityclientauthentication-tls)" : VpcConnectivityTls } ``` ### YAML ``` [Sasl](#cfn-msk-cluster-vpcconnectivityclientauthentication-sasl): VpcConnectivitySasl [Tls](#cfn-msk-cluster-vpcconnectivityclientauthentication-tls): VpcConnectivityTls ``` ## Properties `Sasl` Details for VpcConnectivity ClientAuthentication using SASL. *Required*: No *Type*: [VpcConnectivitySasl](aws-properties-msk-cluster-vpcconnectivitysasl.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Tls` Details for VpcConnectivity ClientAuthentication using TLS. *Required*: No *Type*: [VpcConnectivityTls](aws-properties-msk-cluster-vpcconnectivitytls.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster VpcConnectivityIam Details for SASL/IAM client authentication for VpcConnectivity. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[Enabled](#cfn-msk-cluster-vpcconnectivityiam-enabled)" : Boolean } ``` ### YAML ``` [Enabled](#cfn-msk-cluster-vpcconnectivityiam-enabled): Boolean ``` ## Properties `Enabled` SASL/IAM authentication is enabled or not. *Required*: Yes *Type*: Boolean *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster VpcConnectivitySasl Details for client authentication using SASL for VpcConnectivity. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[Iam](#cfn-msk-cluster-vpcconnectivitysasl-iam)" : VpcConnectivityIam, "[Scram](#cfn-msk-cluster-vpcconnectivitysasl-scram)" : VpcConnectivityScram } ``` ### YAML ``` [Iam](#cfn-msk-cluster-vpcconnectivitysasl-iam): VpcConnectivityIam [Scram](#cfn-msk-cluster-vpcconnectivitysasl-scram): VpcConnectivityScram ``` ## Properties `Iam` Details for ClientAuthentication using IAM for VpcConnectivity. *Required*: No *Type*: [VpcConnectivityIam](aws-properties-msk-cluster-vpcconnectivityiam.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Scram` Details for SASL/SCRAM client authentication for VpcConnectivity. *Required*: No *Type*: [VpcConnectivityScram](aws-properties-msk-cluster-vpcconnectivityscram.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster VpcConnectivityScram Details for SASL/SCRAM client authentication for VpcConnectivity. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[Enabled](#cfn-msk-cluster-vpcconnectivityscram-enabled)" : Boolean } ``` ### YAML ``` [Enabled](#cfn-msk-cluster-vpcconnectivityscram-enabled): Boolean ``` ## Properties `Enabled` SASL/SCRAM authentication is enabled or not. *Required*: Yes *Type*: Boolean *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::MSK::Cluster VpcConnectivityTls Details for client authentication using TLS for VpcConnectivity. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[Enabled](#cfn-msk-cluster-vpcconnectivitytls-enabled)" : Boolean } ``` ### YAML ``` [Enabled](#cfn-msk-cluster-vpcconnectivitytls-enabled): Boolean ``` ## Properties `Enabled` TLS authentication is enabled or not. *Required*: Yes *Type*: Boolean *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)