---
title: MSK clusters should use IAM authentication between clients and brokers
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: >-
  Docs > Datadog Security > OOTB Rules > MSK clusters should use IAM
  authentication between clients and brokers
---

# MSK clusters should use IAM authentication between clients and brokers
 
## Description{% #description %}

MSK clusters should use IAM authentication between clients and brokers, and other authentication methods should be disabled. IAM auth provides centralized access control and eliminates the need to distribute static credentials.

## Remediation{% #remediation %}

Enable IAM client authentication for the cluster and disable unauthenticated, SCRAM, and mutual TLS access. For guidance, refer to [IAM access control for Amazon MSK](https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html).