CreateInstanceProfile - Amazon Database Migration Service
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

CreateInstanceProfile

Creates the instance profile using the specified parameters.

Request Syntax

{ "AvailabilityZone": "string", "Description": "string", "InstanceProfileName": "string", "KmsKeyArn": "string", "NetworkType": "string", "PubliclyAccessible": boolean, "SubnetGroupIdentifier": "string", "Tags": [ { "Key": "string", "ResourceArn": "string", "Value": "string" } ], "VpcSecurityGroups": [ "string" ] }

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

AvailabilityZone

The Availability Zone where the instance profile will be created. The default value is a random, system-chosen Availability Zone in the Amazon Web Services Region where your data provider is created, for examplem us-east-1d.

Type: String

Required: No

Description

A user-friendly description of the instance profile.

Type: String

Required: No

InstanceProfileName

A user-friendly name for the instance profile.

Type: String

Required: No

KmsKeyArn

The Amazon Resource Name (ARN) of the Amazon KMS key that is used to encrypt the connection parameters for the instance profile.

If you don't specify a value for the KmsKeyArn parameter, then Amazon DMS uses your default encryption key.

Amazon KMS creates the default encryption key for your Amazon Web Services account. Your Amazon Web Services account has a different default encryption key for each Amazon Web Services Region.

Type: String

Required: No

NetworkType

Specifies the network type for the instance profile. A value of IPV4 represents an instance profile with IPv4 network type and only supports IPv4 addressing. A value of IPV6 represents an instance profile with IPv6 network type and only supports IPv6 addressing. A value of DUAL represents an instance profile with dual network type that supports IPv4 and IPv6 addressing.

Type: String

Required: No

PubliclyAccessible

Specifies the accessibility options for the instance profile. A value of true represents an instance profile with a public IP address. A value of false represents an instance profile with a private IP address. The default value is true.

Type: Boolean

Required: No

SubnetGroupIdentifier

A subnet group to associate with the instance profile.

Type: String

Required: No

Tags

One or more tags to be assigned to the instance profile.

Type: Array of Tag objects

Required: No

VpcSecurityGroups

Specifies the VPC security group names to be used with the instance profile. The VPC security group must work with the VPC containing the instance profile.

Type: Array of strings

Required: No

Response Syntax

{ "InstanceProfile": { "AvailabilityZone": "string", "Description": "string", "InstanceProfileArn": "string", "InstanceProfileCreationTime": "string", "InstanceProfileName": "string", "KmsKeyArn": "string", "NetworkType": "string", "PubliclyAccessible": boolean, "SubnetGroupIdentifier": "string", "VpcSecurityGroups": [ "string" ] } }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

InstanceProfile

The instance profile that was created.

Type: InstanceProfile object

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedFault

Amazon DMS was denied access to the endpoint. Check that the role is correctly configured.

HTTP Status Code: 400

FailedDependencyFault

A dependency threw an exception.

HTTP Status Code: 400

InvalidResourceStateFault

The resource is in a state that prevents it from being used for database migration.

HTTP Status Code: 400

KMSKeyNotAccessibleFault

Amazon DMS cannot access the KMS key.

HTTP Status Code: 400

ResourceAlreadyExistsFault

The resource you are attempting to create already exists.

HTTP Status Code: 400

ResourceNotFoundFault

The resource could not be found.

HTTP Status Code: 400

ResourceQuotaExceededFault

The quota for this resource quota has been exceeded.

HTTP Status Code: 400

S3AccessDeniedFault

Insufficient privileges are preventing access to an Amazon S3 object.

HTTP Status Code: 400

S3ResourceNotFoundFault

A specified Amazon S3 bucket, bucket folder, or other object can't be found.

HTTP Status Code: 400

Examples

Creating a replication subnet group

Before you create an instance profile, you must create a replication subnet group. The following example demonstrates creating a replication subnet group using the CreateReplicationSubnetGroup action:

Sample Request

{ "ReplicationSubnetGroupIdentifier": "your-subnet-group", "ReplicationSubnetGroupDescription": "Your subnet group description", "SubnetIds": [ "subnet-0123EXAMPLE456789", "subnet-012EXAMPLE3456789" ] }

Creating an instance profile

The following example demonstrates creating an instance profile with the CreateInstanceProfile action:

Sample Request

{ "SubnetGroupIdentifier": "my-subnet-group", "VpcSecurityGroupIds": ["sg-0123456789abcdef0"], "VpcIdentifier": "vpc-0123456789abcdef0", "PubliclyAccessible": true, "KmsKeyArn": "arn:aws:kms:us-east-1:012345678901:key/01234567-89ab-cdef-0123-456789abcdef", "InstanceProfileName": "my-instance-profile", "Description": "Description", "NetworkType": "DUAL", "Tags": [ { "Key": "access", "Value": "authorizedusers" } ] }

Example

This example illustrates one usage of CreateInstanceProfile.

Sample Response

{ InstanceProfileName: "testConfigIdentifier1", Description: "A description", InstanceProfileCreationTime: "2023-02-20T14:12:30Z", InstanceProfileArn: "arn:aws:dms:us-east-1:012345678901:instance-profile:resourceId", AvailabilityZone: "us-east-1a", VpcIdentifier: "vpc-cd8c41a9", SubnetGroupIdentifier: ["myGroup"], VpcSecurityGroups: ["sg-5475435"], KmsKeyArn: "arn:aws:kms:us-east-1:012345678901:key/abcdefg-0123-4567-89ab-cdef01234567", EncryptionContext: [ { Key: "aws:servicename:id", Value: "redshift" }, { Key: "aws:redshift:integration:arn", Value: "arn:aws:rds:us-east-1:122333444:integration/0123456789012" } ], NetworkType: "DUAL|IPv4", PubliclyAccessible: true }

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: