AWS DMS - Database Migration Service SYSTEM ERROR MESSAGE:The IAM Role arn:aws:iam:::role/dms-vpc-role is not configured properly

Question

I am trying to create a a DMS (Database Migration Service) Instance but I am getting the following error:

SYSTEM ERROR MESSAGE:The IAM Role arn:aws:iam::<account_id>:role/dms-vpc-role is not configured properly

What role should I create and to what I should assign it to?

Andreu Gallofré · Accepted Answer

Seems like they changed the IAM roles, if anyone is trying to do this now, the simplest solution is to create a replication instance in the AWS console and the dms-vpc-role will be automatically created.

Then you can delete that 'temporal' instance and run the cloudformation/aws cli to create the instance that you want.

If you want to create the role by hand, the policy attached has to be AmazonDMSVPCManagementRole

And contains the following permissions:

{
"Version": "2012-10-17",
"Statement": [
    {
        "Effect": "Allow",
        "Action": [
            "ec2:CreateNetworkInterface",
            "ec2:DescribeAvailabilityZones",
            "ec2:DescribeInternetGateways",
            "ec2:DescribeSecurityGroups",
            "ec2:DescribeSubnets",
            "ec2:DescribeVpcs",
            "ec2:DeleteNetworkInterface",
            "ec2:ModifyNetworkInterfaceAttribute"
        ],
        "Resource": "*"
    }
]
}

AWS DMS - Database Migration Service SYSTEM ERROR MESSAGE:The IAM Role arn:aws:iam::<account_id>:role/dms-vpc-role is not configured properly

Tags:

amazon-web-services

amazon-iam

aws-dms

Eran Chetzroni

1 Answers

Andreu Gallofré

Recent Activity

Donate For Us