LoginSignup
0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 3 years have passed since last update.

@kawashinji(Shinji Kawaguchi)

AWS CLIでThe IAM Role arn:aws:iam::xxxxxxxx:role/dms-vpc-role is not configured properly

Posted at

事象

  • CLIでAWS DMSを作成しようとしたら以下のエラーが発生しました。
$aws dms create-replication-subnet-group \
  --replication-subnet-group-identifier "replication-subnet-group" \
  --replication-subnet-group-description "for something" \
  --subnet-ids subnet-xxxxxxx subnet-xxxxxxxx

An error occurred (AccessDeniedFault) when calling the CreateReplicationSubnetGroup operation: The IAM Role arn:aws:iam::xxxxxxx:role/dms-vpc-role is not configured properly.

原因

  • arn:aws:iam::xxxxxxx:role/dms-vpc-roleがいないことです。

対応策1

  • AWS Consoleからレプリケーションインスタンスを作る。
    完了すると、 arn:aws:iam::xxxxxxx:role/dms-vpc-roleが出来るので、その後はAWS CLIで作成できます。

対応策2

  • 自前で作る
項目
Role名  dms-vpc-role
AssumeRolePolicy(信頼ポリシー) {
 "Version": "2012-10-17",
 "Statement": [
  {
   "Sid": "",
   "Effect": "Allow",
   "Principal": {
    "Service": "dms.amazonaws.com"
   },
   "Action": "sts:AssumeRole"
  }
 ]
}
RolePolicyAttachment(許可ポリシー) AmazonDMSVPCManagementRole

参考

0
0
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?