By using AWS re:Post, you agree to the Terms of Use

DMS 3.4.7 Fails on some tables upload to Redshift : Access denied to KMS key


Hello, Since the upgrade to version 3.4.7 from 3.4.6 of DMS. Some of our migration tasks are failing, only on some specific tables. We migrate tables from AuroraMySQL, MySQL RDS and Postgres RDS databases, to a Redshift cluster, all on the same VPC.

Since the upgrade, some of the tables fail to be migrated, whereas others are successful, when looking at the logs, it seems that DMS is denied an access to a KMS key, used to write to S3 before the Redshift load.

When looking at permissions, DMS can indeed use the key for encrypting data to S3, and has been able to upload files for other tables. The tables that fail are on multiple replication tasks, running on different types of databases. The successful tables even end up on Redshift. Nothing particular has been found with the failing tables, they don't use any other KMS key.

Nothing particularly relevant was found on Cloudtrail. And reverting to 3.4.6 solved the issue. Is there something on this update related to how DMS handles keys, or writing tables to the S3 bucket for Redshift targets ? Thanks a lot, Best regards,