@kazdy
Contributor

@kazdy kazdy commented Jun 22, 2025

for sasl/scram auth we must specify
sasl.mechanism = 'SCRAM-SHA-512' not AWS_MSK_IAM

sasl/scram auth must specify
sasl.mechanism = 'SCRAM-SHA-512' not AWS_MSK_IAM

Signed-off-by: kazdy <[email protected]>
@WanYixian WanYixian requested a review from tabVersion June 24, 2025 02:54
@tabVersion
Contributor

Hi @kazdy, thanks for the contribution.

There are two auth methods for MSK: SSL/SASL and IAM (which AWS recommends).

  • SSL/SASL requires SCRAM-SHA-512, as you mentioned (ref).
  • IAM auth allows RisingWave to load credentials from ENV to avoid exposing secrets, which is more like oauthbearer. It is supported by AWS_MSK_IAM (ref).

Thanks for pointing this out; I think it is okay to have two examples here.
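The mismatch this pull request reports can be caught before a statement is run. The following is an added example, not part of the thread or of RisingWave's code: a small Python check that reads the WITH options of a CREATE SINK statement and flags a `sasl.mechanism` that does not match the credentials supplied. The function names, finding texts and sample statements are constructed for illustration.

```python
import re

# key = 'value' pairs as written inside a WITH (...) clause
OPTION_RE = re.compile(r"([A-Za-z_][\w.]*)\s*=\s*'((?:[^']|'')*)'")
SASL_KEYS = {"properties.sasl.username", "properties.sasl.password"}

def parse_with_options(statement):
    """Return the options of the statement's WITH clause as a dict."""
    clause = re.search(r"\bWITH\s*\((.*)\)", statement, re.S | re.I)
    pairs = OPTION_RE.findall(clause.group(1)) if clause else []
    return {key.lower(): value for key, value in pairs}

def check_msk_auth(statement):
    """List mismatches between sasl.mechanism and the credentials supplied."""
    opts = parse_with_options(statement)
    mechanism = opts.get("properties.sasl.mechanism", "").upper()
    present = set(opts)
    aws_present = [k for k in opts if k.startswith("aws.credentials.")]
    findings = []
    if mechanism == "AWS_MSK_IAM" and SASL_KEYS & present:
        # The case reported in the thread.
        findings.append("AWS_MSK_IAM combined with sasl.username/password")
    if mechanism.startswith("SCRAM-"):
        missing = sorted(SASL_KEYS - present)
        if missing:
            findings.append("SCRAM without " + ", ".join(missing))
        if aws_present:
            findings.append("SCRAM combined with aws.credentials.* keys")
    # AWS_MSK_IAM without aws.credentials.* is not flagged: per the thread,
    # IAM credentials can be loaded from the environment.
    return findings

# Constructed sample statements (placeholders, not real brokers or secrets).
HEAD = "CREATE SINK sink1 FROM mv1 WITH (connector='kafka', topic='quickstart-events',\n"
TAIL = "\n) FORMAT PLAIN ENCODE JSON;"
MISMATCHED = HEAD + """  properties.sasl.mechanism = 'AWS_MSK_IAM',
  properties.sasl.username = '<your-username>',
  properties.sasl.password = '<your-password>'""" + TAIL
SCRAM = MISMATCHED.replace("AWS_MSK_IAM", "SCRAM-SHA-512")
IAM = HEAD + """  properties.sasl.mechanism='AWS_MSK_IAM', aws.region = 'us-east-1',
  aws.credentials.access_key_id = 'your_access_key',
  aws.credentials.secret_access_key = 'your_secret_key'""" + TAIL

if __name__ == "__main__":
    for name, sql in [("mismatched", MISMATCHED), ("scram", SCRAM), ("iam", IAM)]:
        print(name, check_msk_auth(sql) or "ok")
```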

@kazdy
Contributor Author

kazdy commented Jun 24, 2025

Hi, thanks for checking.

So atm there are 2 examples; one specifies:

```sql
properties.sasl.username = '<your-username>',
properties.sasl.password = '<your-password>'
```

but the sasl.mechanism is set to AWS_MSK_IAM, which is incorrect and won't work.
This may confuse new users such as myself.

The example below this one shows the correct AWS_MSK_IAM config with provided aws credentials instead of sasl username and password:

```sql
CREATE SINK sink1 FROM mv1
WITH (
connector='kafka',
type = 'append-only',
topic='quickstart-events',
properties.bootstrap.server='msk-broker-addr:9093',
properties.sasl.mechanism='AWS_MSK_IAM',
aws.region = 'us-east-1',
aws.credentials.access_key_id = 'your_access_key',
aws.credentials.secret_access_key = 'your_secret_key'
) FORMAT PLAIN ENCODE JSON;
```

@kazdy
Contributor Author

kazdy commented Jun 24, 2025

Also I don't think this line is correct, it mentions Kinesis, but this page is about Kafka:

| aws.endpoint | Optional. URL of the entry point for the AWS Kinesis service. |

For kafka we use brokers and not aws service endpoint ie kafka.us-east-2.amazonaws.com, so there's no need to specify it (not sure though)?

@tabVersion
Contributor

> Also I don't think this line is correct, it mentions Kinesis, but this page is about Kafka:
>
> | aws.endpoint | Optional. URL of the entry point for the AWS Kinesis service. |
>
> For kafka we use brokers and not aws service endpoint ie kafka.us-east-2.amazonaws.com, so there's no need to specify it (not sure though)?

I think it is removed in #519

Besides, the endpoint here is not mandatory but an optional one, in case you have a private endpoint in your own VPC.
