Configuration Reference for AWS Lambda Sink Connector for Confluent Platform

To use this connector, specify the name of the connector class in the connector.class configuration property.

connector.class=io.confluent.connect.aws.lambda.AwsLambdaSinkConnector

Connector-specific configuration properties are described below.

Note

These are properties for the self-managed connector. If you are using Confluent Cloud, see AWS Lambda Sink Connector for Confluent Cloud.

AWS Lambda

It is important to note that the AWS Lambda Sink connector does not support a specific setting for socket timeout–instead, the connector relies on a default value which is set to 50 seconds.

aws.lambda.function.name

The AWS Lambda function to invoke. You can specify a function version or alias by appending it to the function name with a colon (:). For example: function:1 for version 1, or function:alias for an alias. This enables dynamic routing to specific versions without updating the function name.

  • Type: string

  • Valid Values: non-empty string

  • Importance: high

aws.lambda.region

The AWS region where the lambda is defined.

  • Type: string

  • Default: null

  • Importance: medium

aws.access.key.id

The Access Key ID for AWS.

  • Type: password

  • Default: null

  • Importance: medium

aws.secret.access.key

The Access Key for AWS.

  • Type: password

  • Default: null

  • Importance: medium

aws.lambda.invocation.type

The mode in which the AWS Lambda function is invoked. Supported modes are:

sync

In this mode, records are processed sequentially. The result or error from AWS Lambda function can optionally be saved to a Kafka topic.

async

In this mode, records may not be processed sequentially. The connector does not save the result or error from the AWS Lambda function execution. You can configure a dead letter queue in AWS to record function errors.

  • Type: string

  • Default: sync

  • Valid Values: [sync, async]

  • Importance: high

aws.lambda.batch.size

The maximum number of Kafka records to combine in a single AWS Lambda function invocation. You should set this as high as possible, without exceeding AWS Lambda invocation payload limits. To disable batching of records, set this value to 1.

  • Type: int

  • Default: 20

  • Valid Values: [1,…]

  • Importance: high

record.converter.class

Record converter class to convert Kafka records to AWS Lambda payload. By default, the connector uses JsonKeyValueConverter.

  • Type: class

  • Default: io.confluent.connect.aws.lambda.converters.JsonKeyValueConverter

  • Importance: low

behavior.on.error

The error handling behavior for AWS Lambda function invocations must be set to one of the following parameters:

fail

Stops the connector in case of an error.

ignore

Continues to process next set of records.

log

Logs the error message in a Kafka topic and continues processing. For further details, see the reporter.error.topic.name parameter in the Connect Reporter section of the HTTP Sink connector configuration page.

  • Type: string

  • Default: fail

  • Valid Values: [fail, ignore, log]

  • Importance: medium

aws.credentials.provider.class

Credentials provider or provider chain to use for authentication to AWS. By default, the connector uses DefaultCredentialsProvider.

  • Type: class

  • Default: software.amazon.awssdk.auth.credentials.DefaultCredentialsProvider

  • Valid Values: Any class implementing: software.amazon.awssdk.auth.credentials.AwsCredentialsProvider

  • Importance: low

aws.lambda.socket.timeout

The socket timeout for the AWS Lambda client is the maximum time, in milliseconds, it waits for a response from the AWS Lambda service before timing out. By default, this duration is set to 50,000 milliseconds.

  • Type: int

  • Default: 50000

  • Min. Value: 1000

  • Max. Value: 600000

  • Importance: Low

Connect Reporter

For more information about Reporter, see Connect Reporter.

reporter.result.topic.name

The name of the topic to produce records to after successfully processing a sink record. Use ${connector} within the pattern to specify the current connector name. Leave blank to disable error reporting behavior.

  • Type: string

  • Default: ${connector}-success

  • Valid Values: Replacing ${connector} must be either Valid topic names that contain 1-249 ASCII alphanumeric, +, ., _ and - characters.

  • Importance: medium

reporter.result.topic.replication.factor

The replication factor of the result topic when it is automatically created by this connector. This determines how many broker failures can be tolerated before data loss occurs. This should be 1 in development environments and ALWAYS at least 3 in production environments.

  • Type: short

  • Default: 3

  • Valid Values: [1,…]

  • Importance: medium

reporter.result.topic.partitions

The number of partitions in the result topic when it is automatically created by this connector. This number of partitions should be the same as the number of input partitions to handle the potential throughput.

  • Type: int

  • Default: 1

  • Valid Values: [1,…]

  • Importance: medium

reporter.error.topic.name

The name of the topic to produce records to after each unsuccessful record sink attempt. Use ${connector} within the pattern to specify the current connector name. Leave blank to disable error reporting behavior.

  • Type: string

  • Default: ${connector}-error

  • Valid Values: Replacing ${connector} must be either Valid topic names that contain 1-249 ASCII alphanumeric, +, ., _ and - characters.

  • Importance: medium

reporter.error.topic.replication.factor

The replication factor of the error topic when it is automatically created by this connector. This determines how many broker failures can be tolerated before data loss occurs. This should be 1 in development environments and ALWAYS at least 3 in production environments.

  • Type: short

  • Default: 3

  • Valid Values: [1,…]

  • Importance: medium

reporter.error.topic.partitions

The number of partitions in the error topic when it is automatically created by this connector. This number of partitions should be the same as the number of input partitions in order to handle the potential throughput.

  • Type: int

  • Default: 1

  • Valid Values: [1,…]

  • Importance: medium

reporter.bootstrap.servers

A list of host/port pairs to use for establishing the initial connection to the Kafka cluster. The client will make use of all servers regardless of which bootstrap servers are specified here. This list only impacts the initial hosts used to discover the full set of servers. This list should be in the form host1:port1,host2:port2,.. Since these servers are just used for the initial connection to discover the full cluster membership (which may change dynamically), this list does not need to contain the full set of servers. However, you may want to include more than one in case a server is down.

  • Type: list

  • Valid Values: Non-empty list

  • Importance: high

Formatter

reporter.result.topic.key.format

The format in which the result report key is serialized.

  • Type: string

  • Default: string

  • Valid Values: one of [string, json]

  • Importance: medium

  • Dependents: reporter.result.topic.key.format.schemas.enable, reporter.result.topic.key.format.schemas.cache.size

reporter.result.topic.value.format

The format in which the result report value is serialized.

  • Type: string

  • Default: string

  • Valid Values: one of [string, json]

  • Importance: medium

  • Dependents: reporter.result.topic.value.format.schemas.cache.size, reporter.result.topic.value.format.schemas.enable

reporter.error.topic.key.format

The format in which the error report key is serialized.

  • Type: string

  • Default: string

  • Valid Values: one of [string, json]

  • Importance: medium

  • Dependents: reporter.error.topic.key.format.schemas.cache.size, reporter.error.topic.key.format.schemas.enable

reporter.error.topic.value.format

The format in which the error report value is serialized.

  • Type: string

  • Default: string

  • Valid Values: one of [string, json]

  • Importance: medium

  • Dependents: reporter.error.topic.value.format.schemas.cache.size, reporter.error.topic.value.format.schemas.enable

JSON Formatter

reporter.result.topic.key.format.schemas.cache.size

The maximum number of schemas that can be cached in the JSON formatter.

  • Type: int

  • Default: 128

  • Valid Values: [0,…,2048]

  • Importance: medium

reporter.result.topic.key.format.schemas.enable

Include schemas within each of the serialized values and keys.

  • Type: boolean

  • Default: false

  • Importance: medium

reporter.result.topic.value.format.schemas.cache.size

The maximum number of schemas that can be cached in the JSON formatter.

  • Type: int

  • Default: 128

  • Valid Values: [0,…,2048]

  • Importance: medium

reporter.result.topic.value.format.schemas.enable

Include schemas within each of the serialized values and keys.

  • Type: boolean

  • Default: false

  • Importance: medium

reporter.error.topic.key.format.schemas.cache.size

The maximum number of schemas that can be cached in the JSON formatter.

  • Type: int

  • Default: 128

  • Valid Values: [0,…,2048]

  • Importance: medium

reporter.error.topic.key.format.schemas.enable

Include schemas within each of the serialized values and keys.

  • Type: boolean

  • Default: false

  • Importance: medium

reporter.error.topic.value.format.schemas.cache.size

The maximum number of schemas that can be cached in the JSON formatter.

  • Type: int

  • Default: 128

  • Valid Values: [0,…,2048]

  • Importance: medium

reporter.error.topic.value.format.schemas.enable

Include schemas within each of the serialized values and keys.

  • Type: boolean

  • Default: false

  • Importance: medium

Proxy Configuration

aws.lambda.proxy.url

HTTPS Proxy Server URL. This property is meant to be used only if you need to access AWS Lambda through an HTTPS proxy.

  • Type: string

  • Default: “”

  • Importance: low

aws.lambda.proxy.user

HTTPS Proxy User. This property is meant to be used only if you need to access AWS Lambda through a proxy. Using aws.lambda.proxy.user instead of embedding the username and password in aws.lambda.proxy.url allows the password to be hidden in the logs.

  • Type: string

  • Default: “”

  • Importance: low

aws.lambda.proxy.password

HTTPS Proxy Password. This property is meant to be used only if you need to access AWS Lambda through a proxy. Using aws.lambda.proxy.password instead of embedding the username and password in aws.lambda.proxy.url allows the password to be hidden in the logs.

  • Type: password

  • Default: [hidden]

  • Importance: low

Confluent Platform license

confluent.topic.bootstrap.servers A list of host/port pairs to use for establishing the initial connection to the Kafka cluster used for licensing. All servers in the cluster will be discovered from the initial connection. This list should be in the form host1:port1,host2:port2,.... Since these servers are just used for the initial connection to discover the full cluster membership (which may change dynamically), this list need not contain the full set of servers (you may want more than one, though, in case a server is down).

  • Type: list

  • Importance: high

confluent.topic Name of the Kafka topic used for Confluent Platform configuration, including licensing information.

  • Type: string

  • Default: _confluent-command

  • Importance: low

confluent.topic.replication.factor The replication factor for the Kafka topic used for Confluent Platform configuration, including licensing information. This is used only if the topic does not already exist, and the default of 3 is appropriate for production use. If you are using a development environment with less than 3 brokers, you must set this to the number of brokers (often 1).

  • Type: int

  • Default: 3

  • Importance: low

Confluent license properties

You can put license-related properties in the connector configuration, or starting with Confluent Platform version 6.0, you can put license-related properties in the Connect worker configuration instead of in each connector configuration.

This connector is proprietary and requires a license. The license information is stored in the _confluent-command topic. If the broker requires SSL for connections, you must include the security-related confluent.topic.* properties as described below.

confluent.license

Confluent issues enterprise license keys to each subscriber. The license key is text that you can copy and paste as the value for confluent.license. A trial license allows using the connector for a 30-day trial period. A developer license allows using the connector indefinitely for single-broker development environments.

If you are a subscriber, contact Confluent Support for more information.

  • Type: string

  • Default: “”

  • Valid Values: Confluent Platform license

  • Importance: high

confluent.topic.ssl.truststore.location

The location of the trust store file.

  • Type: string

  • Default: null

  • Importance: high

confluent.topic.ssl.truststore.password

The password for the trust store file. If a password is not set access to the truststore is still available, but integrity checking is disabled.

  • Type: password

  • Default: null

  • Importance: high

confluent.topic.ssl.keystore.location

The location of the key store file. This is optional for client and can be used for two-way authentication for client.

  • Type: string

  • Default: null

  • Importance: high

confluent.topic.ssl.keystore.password

The store password for the key store file. This is optional for client and only needed if ssl.keystore.location is configured.

  • Type: password

  • Default: null

  • Importance: high

confluent.topic.ssl.key.password

The password of the private key in the key store file. This is optional for client.

  • Type: password

  • Default: null

  • Importance: high

confluent.topic.security.protocol

Protocol used to communicate with brokers. Valid values are: PLAINTEXT, SSL, SASL_PLAINTEXT, SASL_SSL.

  • Type: string

  • Default: “PLAINTEXT”

  • Importance: medium

License topic configuration

A Confluent enterprise license is stored in the _confluent-command topic. This topic is created by default and contains the license that corresponds to the license key supplied through the confluent.license property. No public keys are stored in Kafka topics.

The following describes how the default _confluent-command topic is generated under different scenarios:

  • A 30-day trial license is automatically generated for the _confluent command topic if you do not add the confluent.license property or leave this property empty (for example, confluent.license=).

  • Adding a valid license key (for example, confluent.license=<valid-license-key>) adds a valid license in the _confluent-command topic.

Here is an example of the minimal properties for development and testing.

You can change the name of the _confluent-command topic using the confluent.topic property (for instance, if your environment has strict naming conventions). The example below shows this change and the configured Kafka bootstrap server.

confluent.topic=foo_confluent-command
confluent.topic.bootstrap.servers=localhost:9092

The example above shows the minimally required bootstrap server property that you can use for development and testing. For a production environment, you add the normal producer, consumer, and topic configuration properties to the connector properties, prefixed with confluent.topic..

License topic ACLs

The _confluent-command topic contains the license that corresponds to the license key supplied through the confluent.license property. It is created by default. Connectors that access this topic require the following ACLs configured:

  • CREATE and DESCRIBE on the resource cluster, if the connector needs to create the topic.

  • DESCRIBE, READ, and WRITE on the _confluent-command topic.

    Important

    You can also use DESCRIBE and READ without WRITE to restrict access to read-only for license topic ACLs. If a topic exists, the LicenseManager will not try to create the topic.

You can provide access either individually for each principal that will use the license or use a wildcard entry to allow all clients. The following examples show commands that you can use to configure ACLs for the resource cluster and _confluent-command topic.

  1. Set a CREATE and DESCRIBE ACL on the resource cluster:

    kafka-acls --bootstrap-server localhost:9092 --command-config adminclient-configs.conf \
--add --allow-principal User:<principal> \
--operation CREATE --operation DESCRIBE --cluster

  2. Set a DESCRIBE, READ, and WRITE ACL on the _confluent-command topic:

    kafka-acls --bootstrap-server localhost:9092 --command-config adminclient-configs.conf \
--add --allow-principal User:<principal> \
--operation DESCRIBE --operation READ --operation WRITE --topic _confluent-command

Override Default Configuration Properties

You can override the replication factor using confluent.topic.replication.factor. For example, when using a Kafka cluster as a destination with less than three brokers (for development and testing) you should set the confluent.topic.replication.factor property to 1.

You can override producer-specific properties by using the producer.override.* prefix (for source connectors) and consumer-specific properties by using the consumer.override.* prefix (for sink connectors).

You can use the defaults or customize the other properties as well. For example, the confluent.topic.client.id property defaults to the name of the connector with -licensing suffix. You can specify the configuration settings for brokers that require SSL or SASL for client connections using this prefix.

You cannot override the cleanup policy of a topic because the topic always has a single partition and is compacted. Also, do not specify serializers and deserializers using this prefix; they are ignored if added.