Resource: awsDmsReplicationSubnetGroup
Provides a DMS (Data Migration Service) replication subnet group resource. DMS replication subnet groups can be created, updated, deleted, and imported.
\~> Note: AWS requires a special IAM role called dmsVpcRole
when using this resource. See the example below to create it as part of your configuration.
Example Usage
Basic
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.dmsReplicationSubnetGroup.DmsReplicationSubnetGroup(this, "example", {
replicationSubnetGroupDescription: "Example replication subnet group",
replicationSubnetGroupId: "example-dms-replication-subnet-group-tf",
subnetIds: ["subnet-12345678", "subnet-12345679"],
tags: {
Name: "example",
},
});
Creating special IAM role
If your account does not already include the dmsVpcRole
IAM role, you will need to create it to allow DMS to manage subnets in the VPC.
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsIamRoleDmsVpcRole = new aws.iamRole.IamRole(this, "dms-vpc-role", {
assumeRolePolicy:
'${jsonencode({\n Version = "2012-10-17"\n Statement = [\n {\n Effect = "Allow"\n Principal = {\n Service = "dms.amazonaws.com"\n }\n Action = "sts:AssumeRole"\n },\n ]\n })}',
description: "Allows DMS to manage VPC",
name: "dms-vpc-role",
});
const awsIamRolePolicyAttachmentExample =
new aws.iamRolePolicyAttachment.IamRolePolicyAttachment(this, "example", {
policyArn:
"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole",
role: awsIamRoleDmsVpcRole.name,
});
const awsDmsReplicationSubnetGroupExample =
new aws.dmsReplicationSubnetGroup.DmsReplicationSubnetGroup(
this,
"example_2",
{
depends_on: [`\${${awsIamRolePolicyAttachmentExample.fqn}}`],
replicationSubnetGroupDescription: "Example",
replicationSubnetGroupId: "example-id",
subnetIds: ["subnet-12345678", "subnet-12345679"],
tags: {
Name: "example-id",
},
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsDmsReplicationSubnetGroupExample.overrideLogicalId("example");
Argument Reference
The following arguments are supported:
replicationSubnetGroupDescription
- (Required) Description for the subnet group.replicationSubnetGroupId
- (Required) Name for the replication subnet group. This value is stored as a lowercase string. It must contain no more than 255 alphanumeric characters, periods, spaces, underscores, or hyphens and cannot bedefault
.subnetIds
- (Required) List of at least 2 EC2 subnet IDs for the subnet group. The subnets must cover at least 2 availability zones.tags
- (Optional) Map of tags to assign to the resource. If configured with a providerdefaultTags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.
Attributes Reference
In addition to all arguments above, the following attributes are exported:
tagsAll
- A map of tags assigned to the resource, including those inherited from the providerdefaultTags
configuration block.vpcId
- The ID of the VPC the subnet group is in.
Timeouts
create
- (Default15M
)update
- (Default15M
)delete
- (Default15M
)
Import
Replication subnet groups can be imported using the replicationSubnetGroupId
, e.g.,