I would like to confirm whether it is possible to have encrypted data transfer from AS400 to the target as Apache Kafka on a cloud. As far as I know, there is no such option for IBM Series-i but available on Linux and Windows.
So, it is not possible to configure IBM data replication (CDC) with:
AS400 (Journal) -> Access Server / Apply Agent -> Kafka on AWS
There is a big concerns for the security for MQ w/o encryption. Even there is a secured tunnel, but it is not allowed to have un-encrypted message (only the VPN is secure). Actually, I am still thinking of any possible workaround for this case.
I'm a developer with the IBM CDC team.
Regarding AS400 encrypted data transfer, there is no such option available at the moment. However, we do have a Request for Feature Enhancement (RFE) to enable this scenario: https://www.ibm.com/developerworks/rfe/execute?use_case=viewRfe&CR_ID=45264. The development team will prioritize this feature enhancement based on customer interest.
Regarding security concerns, one option could be keeping all of the CDC components in the datacenter, behind a firewall and secured, and apply to Kafka using remote TLS connection.
CDC uses Kafka 1.1.1 client library to write to Kafka. If Kafka on AWS supports this jar as a producer, then CDC can write to it.