In addition to turning on public access, ensure that the cluster's security groups have inbound TCP rules that allow public access from your IP address. We recommend that you make these rules as restrictive as possible. For information about security groups and inbound rules, see Security groups for your VPC in the Amazon VPC User Guide. For port numbers, see Port information. For instructions on how to change a cluster's security group, see Changing an Amazon MSK cluster's security group.
To turn off public access, use a similar AWS CLI command, but with the following connectivity info instead:
For security reasons, Amazon MSK doesn't allow public access to Apache ZooKeeper nodes. For information about how to control access to the Apache ZooKeeper nodes of your MSK cluster from within AWS, see Controlling access to Apache ZooKeeper.