Skip to content

Resource: awsDmsReplicationInstance

Provides a DMS (Data Migration Service) replication instance resource. DMS replication instances can be created, updated, deleted, and imported.

Example Usage

Create required roles and then create a DMS instance, setting the depends_on to the required role policy attachments.

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const dataAwsIamPolicyDocumentDmsAssumeRole =
  new aws.dataAwsIamPolicyDocument.DataAwsIamPolicyDocument(
    this,
    "dms_assume_role",
    {
      statement: [
        {
          actions: ["sts:AssumeRole"],
          principals: [
            {
              identifiers: ["dms.amazonaws.com"],
              type: "Service",
            },
          ],
        },
      ],
    }
  );
const awsIamRoleDmsAccessForEndpoint = new aws.iamRole.IamRole(
  this,
  "dms-access-for-endpoint",
  {
    assumeRolePolicy: dataAwsIamPolicyDocumentDmsAssumeRole.json,
    name: "dms-access-for-endpoint",
  }
);
const awsIamRoleDmsCloudwatchLogsRole = new aws.iamRole.IamRole(
  this,
  "dms-cloudwatch-logs-role",
  {
    assumeRolePolicy: dataAwsIamPolicyDocumentDmsAssumeRole.json,
    name: "dms-cloudwatch-logs-role",
  }
);
const awsIamRoleDmsVpcRole = new aws.iamRole.IamRole(this, "dms-vpc-role", {
  assumeRolePolicy: dataAwsIamPolicyDocumentDmsAssumeRole.json,
  name: "dms-vpc-role",
});
const awsIamRolePolicyAttachmentDmsAccessForEndpointAmazonDmsRedshiftS3Role =
  new aws.iamRolePolicyAttachment.IamRolePolicyAttachment(
    this,
    "dms-access-for-endpoint-AmazonDMSRedshiftS3Role",
    {
      policyArn: "arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role",
      role: awsIamRoleDmsAccessForEndpoint.name,
    }
  );
const awsIamRolePolicyAttachmentDmsCloudwatchLogsRoleAmazonDmsCloudWatchLogsRole =
  new aws.iamRolePolicyAttachment.IamRolePolicyAttachment(
    this,
    "dms-cloudwatch-logs-role-AmazonDMSCloudWatchLogsRole",
    {
      policyArn:
        "arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole",
      role: awsIamRoleDmsCloudwatchLogsRole.name,
    }
  );
const awsIamRolePolicyAttachmentDmsVpcRoleAmazonDmsvpcManagementRole =
  new aws.iamRolePolicyAttachment.IamRolePolicyAttachment(
    this,
    "dms-vpc-role-AmazonDMSVPCManagementRole",
    {
      policyArn:
        "arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole",
      role: awsIamRoleDmsVpcRole.name,
    }
  );
new aws.dmsReplicationInstance.DmsReplicationInstance(this, "test", {
  allocatedStorage: 20,
  applyImmediately: true,
  autoMinorVersionUpgrade: true,
  availabilityZone: "us-west-2c",
  depends_on: [
    `\${${awsIamRolePolicyAttachmentDmsAccessForEndpointAmazonDmsRedshiftS3Role.fqn}}`,
    `\${${awsIamRolePolicyAttachmentDmsCloudwatchLogsRoleAmazonDmsCloudWatchLogsRole.fqn}}`,
    `\${${awsIamRolePolicyAttachmentDmsVpcRoleAmazonDmsvpcManagementRole.fqn}}`,
  ],
  engineVersion: "3.1.4",
  kmsKeyArn:
    "arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012",
  multiAz: false,
  preferredMaintenanceWindow: "sun:10:30-sun:14:30",
  publiclyAccessible: true,
  replicationInstanceClass: "dms.t2.micro",
  replicationInstanceId: "test-dms-replication-instance-tf",
  replicationSubnetGroupId:
    "${aws_dms_replication_subnet_group.test-dms-replication-subnet-group-tf.id}",
  tags: {
    Name: "test",
  },
  vpcSecurityGroupIds: ["sg-12345678"],
});

Argument Reference

The following arguments are supported:

  • allocatedStorage - (Optional, Default: 50, Min: 5, Max: 6144) The amount of storage (in gigabytes) to be initially allocated for the replication instance.

  • allowMajorVersionUpgrade - (Optional, Default: false) Indicates that major version upgrades are allowed.

  • applyImmediately - (Optional, Default: false) Indicates whether the changes should be applied immediately or during the next maintenance window. Only used when updating an existing resource.

  • autoMinorVersionUpgrade - (Optional, Default: false) Indicates that minor engine upgrades will be applied automatically to the replication instance during the maintenance window.

  • availabilityZone - (Optional) The EC2 Availability Zone that the replication instance will be created in.

  • engineVersion - (Optional) The engine version number of the replication instance.

  • kmsKeyArn - (Optional) The Amazon Resource Name (ARN) for the KMS key that will be used to encrypt the connection parameters. If you do not specify a value for kmsKeyArn, then AWS DMS will use your default encryption key. AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS region.

  • multiAz - (Optional) Specifies if the replication instance is a multi-az deployment. You cannot set the availabilityZone parameter if the multiAz parameter is set to true.

  • preferredMaintenanceWindow - (Optional) The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).

    • Default: A 30-minute window selected at random from an 8-hour block of time per region, occurring on a random day of the week.
    • Format: ddd:hh24:miDdd:hh24:mi
    • Valid Days: mon,Tue,Wed,Thu,Fri,Sat,Sun
    • Constraints: Minimum 30-minute window.

  • publiclyAccessible - (Optional, Default: false) Specifies the accessibility options for the replication instance. A value of true represents an instance with a public IP address. A value of false represents an instance with a private IP address.

  • replicationInstanceClass - (Required) The compute and memory capacity of the replication instance as specified by the replication instance class. See AWS DMS User Guide for available instance sizes and advice on which one to choose.

  • replicationInstanceId - (Required) The replication instance identifier. This parameter is stored as a lowercase string.

    • Must contain from 1 to 63 alphanumeric characters or hyphens.
    • First character must be a letter.
    • Cannot end with a hyphen
    • Cannot contain two consecutive hyphens.

  • replicationSubnetGroupId - (Optional) A subnet group to associate with the replication instance.

  • tags - (Optional) A map of tags to assign to the resource. If configured with a provider defaultTags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

  • vpcSecurityGroupIds - (Optional) A list of VPC security group IDs to be used with the replication instance. The VPC security groups must work with the VPC containing the replication instance.

Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • replicationInstanceArn - The Amazon Resource Name (ARN) of the replication instance.
  • replicationInstancePrivateIps - A list of the private IP addresses of the replication instance.
  • replicationInstancePublicIps - A list of the public IP addresses of the replication instance.
  • tagsAll - A map of tags assigned to the resource, including those inherited from the provider defaultTags configuration block.

Timeouts

Configuration options:

  • create - (Default 30M)
  • update - (Default 30M)
  • delete - (Default 30M)

Import

Replication instances can be imported using the replicationInstanceId, e.g.,

$ terraform import aws_dms_replication_instance.test test-dms-replication-instance-tf