From 64ac6754ec3cff84baeec508c7b6abc8473c0bff Mon Sep 17 00:00:00 2001 From: Javi Rodriguez <63903895+xavirg@users.noreply.github.com> Date: Wed, 22 Jan 2025 15:42:30 +0100 Subject: [PATCH 1/3] Add test for IAM mechanism without usr/pwd credentials --- exporter/kafkaexporter/config_test.go | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/exporter/kafkaexporter/config_test.go b/exporter/kafkaexporter/config_test.go index 3264e996cbe5..abf7246fda9a 100644 --- a/exporter/kafkaexporter/config_test.go +++ b/exporter/kafkaexporter/config_test.go @@ -294,6 +294,22 @@ func TestValidate_sasl_version(t *testing.T) { assert.EqualError(t, err, "auth.sasl.version has to be either 0 or 1. configured value 42") } +func TestValidate_sasl_iam(t *testing.T) { + config := &Config{ + Producer: Producer{ + Compression: "none", + }, + Authentication: kafka.Authentication{ + SASL: &kafka.SASLConfig{ + Mechanism: "AWS_MSK_IAM", + }, + }, + } + + err := config.Validate() + assert.Equal(t, err, nil) +} + func Test_saramaProducerCompressionCodec(t *testing.T) { tests := map[string]struct { compression string From 9ba83330d53575cfacf79e10be4f481a0f95a3d3 Mon Sep 17 00:00:00 2001 From: Javi Rodriguez <63903895+xavirg@users.noreply.github.com> Date: Wed, 22 Jan 2025 15:43:57 +0100 Subject: [PATCH 2/3] Skip usr/pwd validation if IAM mechanism is selected --- exporter/kafkaexporter/config.go | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/exporter/kafkaexporter/config.go b/exporter/kafkaexporter/config.go index aac2cf77c097..6c66cc121cad 100644 --- a/exporter/kafkaexporter/config.go +++ b/exporter/kafkaexporter/config.go @@ -135,12 +135,13 @@ func validateSASLConfig(c *kafka.SASLConfig) error { return nil } - if c.Username == "" { - return fmt.Errorf("auth.sasl.username is required") - } - - if c.Password == "" { - return fmt.Errorf("auth.sasl.password is required") + if c.Mechanism != "AWS_MSK_IAM" && c.Mechanism != "AWS_MSK_IAM_OAUTHBEARER" { + if c.Username == "" { + return fmt.Errorf("auth.sasl.username is required") + } + if c.Password == "" { + return fmt.Errorf("auth.sasl.password is required") + } } switch c.Mechanism { From 328981414c3ccaf4f73d797cd17997fa7dba682c Mon Sep 17 00:00:00 2001 From: Javi Rodriguez Date: Fri, 24 Jan 2025 09:23:46 +0100 Subject: [PATCH 3/3] add chlog entry --- .chloggen/main.yaml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 .chloggen/main.yaml diff --git a/.chloggen/main.yaml b/.chloggen/main.yaml new file mode 100644 index 000000000000..9f7f2d0fdfd5 --- /dev/null +++ b/.chloggen/main.yaml @@ -0,0 +1,27 @@ +# Use this changelog template to create an entry for release notes. + +# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' +change_type: enhancement + +# The name of the component, or a single word describing the area of concern, (e.g. filelogreceiver) +component: exporter/kafka + +# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). +note: do not ask for user and password if auth mechanism is set to AWS IAM + +# Mandatory: One or more tracking issues related to the change. You can use the PR number here if no issue exists. +issues: [37417] + +# (Optional) One or more lines of additional information to render under the primary note. +# These lines will be padded with 2 spaces and then inserted directly into the document. +# Use pipe (|) for multiline entries. +subtext: + +# If your change doesn't affect end users or the exported elements of any package, +# you should instead start your pull request title with [chore] or use the "Skip Changelog" label. +# Optional: The change log or logs in which this entry should be included. +# e.g. '[user]' or '[user, api]' +# Include 'user' if the change is relevant to end users. +# Include 'api' if there is a change to a library API. +# Default: '[user]' +change_logs: []