Issue when creating DMS endpoint to connect with MSK using Mutual TLS authentication
I have setup DMS to connect to MySQL database as the source and Kafka as target.
I tested the source and target flow without TLS authentication works fine.Now I want to setup DMS with Kafka endpoint using TLS authentication.
I tried out this link to check if I am able to connect using TLS authentication to Kafka cluster using the certificates generated, which worked. I used this with Glue as well and the connectivity works.
Now for DMS, I followed the steps provided here ( Section: Using SSL authentication ). But when I test the endpoint I get the error: Test failed due to KMS key Exception : No permission to access Key 'arn:aws:kms:ap-southeast-2:xxxxxxxxxxxx:key/xxxxxxxxxxxxx'. The KMS key here is the default key that DMS creates when we launch a replication instance.
I tried using a CMK for DMS and created the endpoint using this KMS key. But it did not work. In this case, the endpoint errored out saying it could not connect to Kafka.
Not really sure what the issue is. Has anyone come across this issue?
- 最新
- 最多得票
- 最多評論
Hi, It's seems that your DMS instance is assuming an IAM Role with some missing authorization to access your KMS key. Did you already try to update your IAM role and allow access to your Key ARN ? Hope it helps.
相關內容
AWS 官方已更新 1 年前- AWS 官方已更新 2 年前
- AWS 官方已更新 1 年前