robert-matusewicz

Description

This addresses issue #164.
The current implementation of the IAM policy for pipes that use MSK as a source is incorrect. It restricts the following actions:

  • ec2:DescribeNetworkInterfaces
  • ec2:DescribeSecurityGroups
  • ec2:DescribeSubnets
  • ec2:DescribeVpcs
  • ec2:CreateNetworkInterface
  • ec2:DeleteNetworkInterface

to the MSK cluster ARN, but all of them require a wildcard resource ("*").

I am aiming to fix this issue with the change in this PR.

In addition, I added an example of a pipe with MSK as a source and SQS as a target.

Motivation and Context

The correct IAM permissions are not valid for a pipe with MSK source.

Breaking Changes

No

How Has This Been Tested?

  • I have updated at least one of the examples/* to demonstrate and validate my change(s)
  • I have tested and validated these changes using one or more of the provided examples/* projects
  • I have executed pre-commit run -a on my pull request

The ec2:* actions accept only "*" as a resource.

Added example of pipes with MSK as a source and sqs as a target.
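
An added example, not part of this PR or the module's code: a Python check that flags IAM `Allow` statements granting any of the six EC2 actions listed in the description on a resource other than `"*"`. The policy documents, Sids, Kafka actions and cluster ARN below are constructed placeholders.

```python
import fnmatch

# The six EC2 actions the PR description lists as needing Resource "*".
WILDCARD_ONLY = [
    "ec2:DescribeNetworkInterfaces", "ec2:DescribeSecurityGroups",
    "ec2:DescribeSubnets", "ec2:DescribeVpcs",
    "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface",
]

def _as_list(value):
    """IAM accepts a bare value or a list for Statement/Action/Resource."""
    return value if isinstance(value, list) else [value]

def misscoped_ec2(policy):
    """Return (sid, actions, resources) for each Allow statement that grants
    any of WILDCARD_ONLY on a Resource list that does not contain "*"."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow" or "Resource" not in stmt:
            continue
        resources = _as_list(stmt["Resource"])
        if "*" in resources:
            continue
        # Action names are case-insensitive and may contain * or ? wildcards.
        patterns = [p.lower() for p in _as_list(stmt.get("Action", []))]
        hit = sorted(a for a in WILDCARD_ONLY
                     if any(fnmatch.fnmatchcase(a.lower(), p) for p in patterns))
        if hit:
            findings.append((stmt.get("Sid", f"#{i}"), hit, resources))
    return findings

# Constructed sample documents; account id and cluster id are placeholders.
CLUSTER = ("arn:aws:kafka:eu-west-1:111122223333:cluster/example/"
           "00000000-0000-0000-0000-000000000000-1")
BEFORE = {"Version": "2012-10-17", "Statement": [{
    "Sid": "MSK", "Effect": "Allow",
    "Action": ["kafka:DescribeClusterV2", "kafka:GetBootstrapBrokers",
               "ec2:Describe*", "ec2:CreateNetworkInterface"],
    "Resource": CLUSTER}]}
AFTER = {"Version": "2012-10-17", "Statement": [
    {"Sid": "MSK", "Effect": "Allow",
     "Action": ["kafka:DescribeClusterV2", "kafka:GetBootstrapBrokers"],
     "Resource": CLUSTER},
    {"Sid": "MSKEC2", "Effect": "Allow", "Action": WILDCARD_ONLY, "Resource": "*"}]}

if __name__ == "__main__":
    for name, doc in (("before", BEFORE), ("after", AFTER)):
        print(name, misscoped_ec2(doc))
```

Run against a rendered policy document (for example, the JSON from a plan output) to catch the mis-scoping before apply.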

github-actions bot commented Sep 3, 2025

This PR has been automatically marked as stale because it has been open 30 days
with no activity. Remove stale label or comment or this PR will be closed in 10 days

@github-actions github-actions bot added stale and removed stale labels Sep 3, 2025