homogeneous database migration service, what does the instance security group look like

Question

Using AWS homogeneous database migration service, when you create an instance profile it ask for a VPC security groups.

VPC security groups
Choose one or more security groups for your instances. The security groups specify inbound and outbound rules to control network access to your instance.

Can somebody please tell me what that would look like, I cannot find an example and what I tried has failed.

Accepted Answer

Hello.

According to the documentation here, the DMS replication instance needs to be able to access the source and target DBs.  
Therefore, I think there will be no problem if you allow all communication without any particular restrictions on outbound rules.  
If I were to review the settings, I think it would be the firewall and security group settings for the source DB and target DB.  
I think you need to configure the source and target DBs to allow IP addresses for the DMS replication instances.  
https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#CHAP_Security.Network

Answer

There are only 5 parameters that you need to determine to configure a Security Group: source and destination IP (or IP range), source and destination port (or port range), and protocol.  You can find several Security Group configuration examples by following this [link](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-examples-intro.html) *(use the links on the page to choose a specific example scenario)*.

homogeneous database migration service, what does the instance security group look like

関連するコンテンツ