Manage AWS DMS endpoint credentials with AWS Secrets Manager for target endpoint as Amazon Documentdb.
When configuring AWS DMS endpoints for Amazon DocumentDB (with MongoDB compatibility) using AWS secrets manager, test connection fails with authentication error. While providing the connection details manually for target documentdb during endpoint creation it works perfectly fine. We made sure secrets manager is created perfectly for Amazon DocumentDB (with MongoDB compatibility) with all the required information.
During investigating the above error in Amazon Documentdb audit log we found it doesn't use correct user details. Instead of taking correct username it shows user as "SECRETS_MANAGER_SECRET_VALUE_STUB". Error from audit log is as below:
"param": { "user": "SECRETS_MANAGER_SECRET_VALUE_STUB", "mechanism": "SCRAM-SHA-1", "success": false, "message": "User does not exist", "error": 18 } }
Seems like a bug in DMS endpoint creation for Amazon Documentdb (with MongoDB compatibility) using AWS Secrets Manager
Note: Our setup works perfectly for AWS RDS postgres databases. However it creates an issue for Amazon Documentdb only.
- 최신
- 최다 투표
- 가장 많은 댓글
Hi, I did the following steps and got it working correctly. Don't think there is a bug.
1> Create a document db cluster.
2> Created a secret with the option "Credentials for Amazon DocumentDB database".
3> Created a DMS replication instance in the same vpc and az where the document db cluster is created.
4> Created an DMS endpoint and ran a test connection using the Replication instance.
5> The test was successful.
Pls refer to the following video https://www.youtube.com/watch?v=6daFZWPKtWA
관련 콘텐츠
AWS 공식업데이트됨 7달 전- AWS 공식업데이트됨 8달 전
- AWS 공식업데이트됨 9달 전
Hi, I did the same steps as mentioned above, same error still persists. Not sure why DMS endpoint is not picking the correct username from secrets manager. All the permission is in place. Could it be related to documentdb version. I am currently using version 4.0.0