Amazon Redshift announces mTLS support for Amazon MSK

Posted on: Sep 30, 2024

Amazon Redshift streaming ingestion already supports Amazon IAM authentication. With this announcement, we are extending the available authentication methods with mutual transport layer security (mTLS) authentication between an Amazon Redshift provisioned cluster or serverless workgroup and an Amazon Managed Streaming for Apache Kafka (MSK) cluster or serverless cluster.

mTLS is an industry standard for authentication that lets a server authenticate the client it is sending information to, and lets the client authenticate the server. Its benefit is a trusted authentication method in which each party (client and server) exchanges a certificate issued by mutually trusted certificate authorities. This is a common compliance requirement for a variety of applications in several industries, e.g., financial, retail, government and healthcare.

mTLS authentication is available starting with the Amazon Redshift patch 184 release in all AWS regions where Amazon Redshift and Amazon MSK are currently available. See AWS service availability by region for more information.

To learn more about using mTLS authentication with Amazon Redshift streaming, please refer to the Amazon MSK and mTLS sub-sections of the Amazon Redshift streaming documentation.