My team is currently experimenting with IAM Database Authentication for our RDS mysql aurora clusters. We also use DMS to migrate data between DBs. However, it doesn't look like DMS support IAM authentication.
Is there any support for DMS endpoints and IAM DB authentication? Or is this not the correct pattern.
We tried setting the password as the token directly but the min password length for DMS endpoints is 128 so it's not an option.
They do not. I received this answer from AWS support today:
To start with, currently you need to have a user in the RDS database instance which is being used as a DMS endpoint[+]. IAM authentication to connect to RDS instances being used as DMS endpoint is currently not supported.
In regards to above mentioned documentation[+], you can follow the steps to use the master user or non-master account for the PostgreSQL DB instance as the user account for the PostgreSQL source endpoint for AWS DMS.
With this said, I have raised a feature request with our internal to check the feasibility to use IAM authentication to connect RDS instances being used as DMS endpoints. At the moment there is no ETA on when will this be implemented.
[+] https://repost.aws/tags/TAsibBK6ZeQYihN9as4S_psg?forumID=60 [+] https://aws.amazon.com/blogs/database/tag/dms/
