Resource: awsDmsReplicationInstance
Provides a DMS (Data Migration Service) replication instance resource. DMS replication instances can be created, updated, deleted, and imported.
Example Usage
Create required roles and then create a DMS instance, setting the depends_on to the required role policy attachments.
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const dataAwsIamPolicyDocumentDmsAssumeRole =
new aws.dataAwsIamPolicyDocument.DataAwsIamPolicyDocument(
this,
"dms_assume_role",
{
statement: [
{
actions: ["sts:AssumeRole"],
principals: [
{
identifiers: ["dms.amazonaws.com"],
type: "Service",
},
],
},
],
}
);
const awsIamRoleDmsAccessForEndpoint = new aws.iamRole.IamRole(
this,
"dms-access-for-endpoint",
{
assumeRolePolicy: dataAwsIamPolicyDocumentDmsAssumeRole.json,
name: "dms-access-for-endpoint",
}
);
const awsIamRoleDmsCloudwatchLogsRole = new aws.iamRole.IamRole(
this,
"dms-cloudwatch-logs-role",
{
assumeRolePolicy: dataAwsIamPolicyDocumentDmsAssumeRole.json,
name: "dms-cloudwatch-logs-role",
}
);
const awsIamRoleDmsVpcRole = new aws.iamRole.IamRole(this, "dms-vpc-role", {
assumeRolePolicy: dataAwsIamPolicyDocumentDmsAssumeRole.json,
name: "dms-vpc-role",
});
const awsIamRolePolicyAttachmentDmsAccessForEndpointAmazonDmsRedshiftS3Role =
new aws.iamRolePolicyAttachment.IamRolePolicyAttachment(
this,
"dms-access-for-endpoint-AmazonDMSRedshiftS3Role",
{
policyArn: "arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role",
role: awsIamRoleDmsAccessForEndpoint.name,
}
);
const awsIamRolePolicyAttachmentDmsCloudwatchLogsRoleAmazonDmsCloudWatchLogsRole =
new aws.iamRolePolicyAttachment.IamRolePolicyAttachment(
this,
"dms-cloudwatch-logs-role-AmazonDMSCloudWatchLogsRole",
{
policyArn:
"arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole",
role: awsIamRoleDmsCloudwatchLogsRole.name,
}
);
const awsIamRolePolicyAttachmentDmsVpcRoleAmazonDmsvpcManagementRole =
new aws.iamRolePolicyAttachment.IamRolePolicyAttachment(
this,
"dms-vpc-role-AmazonDMSVPCManagementRole",
{
policyArn:
"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole",
role: awsIamRoleDmsVpcRole.name,
}
);
new aws.dmsReplicationInstance.DmsReplicationInstance(this, "test", {
allocatedStorage: 20,
applyImmediately: true,
autoMinorVersionUpgrade: true,
availabilityZone: "us-west-2c",
depends_on: [
`\${${awsIamRolePolicyAttachmentDmsAccessForEndpointAmazonDmsRedshiftS3Role.fqn}}`,
`\${${awsIamRolePolicyAttachmentDmsCloudwatchLogsRoleAmazonDmsCloudWatchLogsRole.fqn}}`,
`\${${awsIamRolePolicyAttachmentDmsVpcRoleAmazonDmsvpcManagementRole.fqn}}`,
],
engineVersion: "3.1.4",
kmsKeyArn:
"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012",
multiAz: false,
preferredMaintenanceWindow: "sun:10:30-sun:14:30",
publiclyAccessible: true,
replicationInstanceClass: "dms.t2.micro",
replicationInstanceId: "test-dms-replication-instance-tf",
replicationSubnetGroupId:
"${aws_dms_replication_subnet_group.test-dms-replication-subnet-group-tf.id}",
tags: {
Name: "test",
},
vpcSecurityGroupIds: ["sg-12345678"],
});
Argument Reference
The following arguments are supported:
-
allocatedStorage
- (Optional, Default: 50, Min: 5, Max: 6144) The amount of storage (in gigabytes) to be initially allocated for the replication instance. -
allowMajorVersionUpgrade
- (Optional, Default: false) Indicates that major version upgrades are allowed. -
applyImmediately
- (Optional, Default: false) Indicates whether the changes should be applied immediately or during the next maintenance window. Only used when updating an existing resource. -
autoMinorVersionUpgrade
- (Optional, Default: false) Indicates that minor engine upgrades will be applied automatically to the replication instance during the maintenance window. -
availabilityZone
- (Optional) The EC2 Availability Zone that the replication instance will be created in. -
engineVersion
- (Optional) The engine version number of the replication instance. -
kmsKeyArn
- (Optional) The Amazon Resource Name (ARN) for the KMS key that will be used to encrypt the connection parameters. If you do not specify a value forkmsKeyArn
, then AWS DMS will use your default encryption key. AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS region. -
multiAz
- (Optional) Specifies if the replication instance is a multi-az deployment. You cannot set theavailabilityZone
parameter if themultiAz
parameter is set totrue
. -
preferredMaintenanceWindow
- (Optional) The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).- Default: A 30-minute window selected at random from an 8-hour block of time per region, occurring on a random day of the week.
- Format:
ddd:hh24:miDdd:hh24:mi
- Valid Days:
mon,Tue,Wed,Thu,Fri,Sat,Sun
- Constraints: Minimum 30-minute window.
-
publiclyAccessible
- (Optional, Default: false) Specifies the accessibility options for the replication instance. A value of true represents an instance with a public IP address. A value of false represents an instance with a private IP address. -
replicationInstanceClass
- (Required) The compute and memory capacity of the replication instance as specified by the replication instance class. See AWS DMS User Guide for available instance sizes and advice on which one to choose. -
replicationInstanceId
- (Required) The replication instance identifier. This parameter is stored as a lowercase string.- Must contain from 1 to 63 alphanumeric characters or hyphens.
- First character must be a letter.
- Cannot end with a hyphen
- Cannot contain two consecutive hyphens.
-
replicationSubnetGroupId
- (Optional) A subnet group to associate with the replication instance. -
tags
- (Optional) A map of tags to assign to the resource. If configured with a providerdefaultTags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. -
vpcSecurityGroupIds
- (Optional) A list of VPC security group IDs to be used with the replication instance. The VPC security groups must work with the VPC containing the replication instance.
Attributes Reference
In addition to all arguments above, the following attributes are exported:
replicationInstanceArn
- The Amazon Resource Name (ARN) of the replication instance.replicationInstancePrivateIps
- A list of the private IP addresses of the replication instance.replicationInstancePublicIps
- A list of the public IP addresses of the replication instance.tagsAll
- A map of tags assigned to the resource, including those inherited from the providerdefaultTags
configuration block.
Timeouts
create
- (Default30M
)update
- (Default30M
)delete
- (Default30M
)
Import
Replication instances can be imported using the replicationInstanceId
, e.g.,