Appearance

KeyRunner now supports Apache Kafka as a first-class connection type, enabling you to produce and consume messages from Kafka topics directly from the app.

Getting Started

  1. Access Kafka from Connectors in bottom pannel.
  2. Enter a name for your connection and the broker addresses (comma-separated, e.g., broker1:9092, broker2:9092).
  3. Configure authentication if your cluster requires it (see below).
  4. Click Connect to establish the connection.
  5. Once connected, you can produce and consume messages from topics.

Producing Messages

  • Switch to the Message tab.
  • Select an existing topic from the dropdown (populated automatically when you connect) or click Add Topic to create a new one.
  • Choose the message format — JSON or TEXT — and compose your message in the editor.
  • Click Send to publish the message to the selected topic.

Consuming Messages

  • The Response panel (bottom half of the split view) shows incoming messages from a subscribed topic in real time.
  • Select a topic from the consumer dropdown to start receiving messages.
  • Use the Clear Logs button to reset the message stream.

Supported Authentication Mechanisms

KeyRunner supports the full range of Kafka SASL authentication options:

MechanismDescription
NoneUnauthenticated / plaintext brokers
PLAINUsername + Password over SASL/PLAIN
SCRAM-SHA-256Username + Password using SCRAM-SHA-256
SCRAM-SHA-512Username + Password using SCRAM-SHA-512
AWS IAM (MSK)AWS Managed Streaming for Kafka using IAM authentication

AWS IAM (MSK) — Profile Mode: Uses your local AWS credential chain (environment variables, ~/.aws/credentials, or AWS SSO). Optionally specify a named AWS CLI profile. No credentials are stored in KeyRunner — a short-lived signed token is generated on each connection.

# Setup steps:
1. Install AWS CLI:  brew install awscli
2. Configure profile:  aws configure --profile my-msk-profile
3. For SSO:  aws configure sso --profile my-msk-profile
            aws sso login --profile my-msk-profile
4. Ensure IAM role has kafka-cluster:Connect permission on the MSK cluster ARN
5. Enter region and (optionally) profile name in KeyRunner

AWS IAM (MSK) — Access Keys Mode: Provide an IAM Access Key ID, Secret Access Key, and optional Session Token (for STS assumed roles). Credentials are stored encrypted on disk. A signed token is generated per connection — your keys are never sent directly to the broker.

SSL: SSL is automatically enabled when selecting AWS IAM. For other mechanisms, SSL can be configured independently.

Released under the MIT License.

Copyright © 2023-LaunchIAM inc.