0

I am working on a AWS DMS Proof of Concept project where I need to migrate a large data set from source to target.I am successful to create the resources and do the migration but the issue I am facing is with permissions created for these database. The source and target both are MySQL Aurora databases and I am creating these databases using the terraform in AWS. When creating users for the databases, I am creating reader, writer and admin. Currently, I am using admin credentials with All Privileges for this. Sample as below: 
variable "mysql_source_database_roles" {
  description = "Map of database roles and associated permissions."
  type        = map(any)
  default = {
    poc-source-db_reader = {
      database   = "poc-source-db"
      privileges = ["SELECT"]
    }

    poc-source-db_writer = {
      database   = "poc-source-db"
      privileges = ["SELECT", "INSERT", "UPDATE", "DELETE"]
    }
    poc-source-db_admin = {
      database   = "poc-source-db"
      privileges = ["ALL PRIVILEGES"]
    }
  }
}

My question is, what privileges can I set for the new user that I create such that DMS works as expected. I have same question for target database user as well.

Sam
  • 57
  • 7

1 Answers1

1

AWS DMS needs special permissions for users used by the AWS DMS endpoint connectors.

For the source you will need REPLICATION CLIENT, REPLICATION SLAVE, SUPER permissions. You could review all details on the link below.

Using any MySQL-compatible database as a source for AWS DMS

For the target you will need ALTER, CREATE, DROP, INDEX, INSERT, UPDATE, DELETE, SELECT ON .*. You could review on link below all details.

Using any MySQL-compatible database as a target for AWS Database Migration Service

Sergio N
  • 146
  • 2