CreateInstanceProfile
Creates the instance profile using the specified parameters.
Request Syntax
{
"AvailabilityZone": "string
",
"Description": "string
",
"InstanceProfileName": "string
",
"KmsKeyArn": "string
",
"NetworkType": "string
",
"PubliclyAccessible": boolean
,
"SubnetGroupIdentifier": "string
",
"Tags": [
{
"Key": "string
",
"ResourceArn": "string
",
"Value": "string
"
}
],
"VpcSecurityGroups": [ "string
" ]
}
Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- AvailabilityZone
-
The Availability Zone where the instance profile will be created. The default value is a random, system-chosen Availability Zone in the Amazon Web Services Region where your data provider is created, for examplem
us-east-1d
.Type: String
Required: No
- Description
-
A user-friendly description of the instance profile.
Type: String
Required: No
- InstanceProfileName
-
A user-friendly name for the instance profile.
Type: String
Required: No
- KmsKeyArn
-
The Amazon Resource Name (ARN) of the Amazon KMS key that is used to encrypt the connection parameters for the instance profile.
If you don't specify a value for the
KmsKeyArn
parameter, then Amazon DMS uses your default encryption key.Amazon KMS creates the default encryption key for your Amazon Web Services account. Your Amazon Web Services account has a different default encryption key for each Amazon Web Services Region.
Type: String
Required: No
- NetworkType
-
Specifies the network type for the instance profile. A value of
IPV4
represents an instance profile with IPv4 network type and only supports IPv4 addressing. A value ofIPV6
represents an instance profile with IPv6 network type and only supports IPv6 addressing. A value ofDUAL
represents an instance profile with dual network type that supports IPv4 and IPv6 addressing.Type: String
Required: No
- PubliclyAccessible
-
Specifies the accessibility options for the instance profile. A value of
true
represents an instance profile with a public IP address. A value offalse
represents an instance profile with a private IP address. The default value istrue
.Type: Boolean
Required: No
- SubnetGroupIdentifier
-
A subnet group to associate with the instance profile.
Type: String
Required: No
- Tags
-
One or more tags to be assigned to the instance profile.
Type: Array of Tag objects
Required: No
- VpcSecurityGroups
-
Specifies the VPC security group names to be used with the instance profile. The VPC security group must work with the VPC containing the instance profile.
Type: Array of strings
Required: No
Response Syntax
{
"InstanceProfile": {
"AvailabilityZone": "string",
"Description": "string",
"InstanceProfileArn": "string",
"InstanceProfileCreationTime": "string",
"InstanceProfileName": "string",
"KmsKeyArn": "string",
"NetworkType": "string",
"PubliclyAccessible": boolean,
"SubnetGroupIdentifier": "string",
"VpcSecurityGroups": [ "string" ]
}
}
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- InstanceProfile
-
The instance profile that was created.
Type: InstanceProfile object
Errors
For information about the errors that are common to all actions, see Common Errors.
- AccessDeniedFault
-
Amazon DMS was denied access to the endpoint. Check that the role is correctly configured.
HTTP Status Code: 400
- FailedDependencyFault
-
A dependency threw an exception.
HTTP Status Code: 400
- InvalidResourceStateFault
-
The resource is in a state that prevents it from being used for database migration.
HTTP Status Code: 400
- KMSKeyNotAccessibleFault
-
Amazon DMS cannot access the KMS key.
HTTP Status Code: 400
- ResourceAlreadyExistsFault
-
The resource you are attempting to create already exists.
HTTP Status Code: 400
- ResourceNotFoundFault
-
The resource could not be found.
HTTP Status Code: 400
- ResourceQuotaExceededFault
-
The quota for this resource quota has been exceeded.
HTTP Status Code: 400
- S3AccessDeniedFault
-
Insufficient privileges are preventing access to an Amazon S3 object.
HTTP Status Code: 400
- S3ResourceNotFoundFault
-
A specified Amazon S3 bucket, bucket folder, or other object can't be found.
HTTP Status Code: 400
Examples
Creating a replication subnet group
Before you create an instance profile, you must create a replication subnet group. The following example demonstrates creating a replication subnet group using the CreateReplicationSubnetGroup action:
Sample Request
{
"ReplicationSubnetGroupIdentifier": "your-subnet-group",
"ReplicationSubnetGroupDescription": "Your subnet group description",
"SubnetIds": [
"subnet-0123EXAMPLE456789", "subnet-012EXAMPLE3456789"
]
}
Creating an instance profile
The following example demonstrates creating an instance profile with the CreateInstanceProfile action:
Sample Request
{
"SubnetGroupIdentifier": "my-subnet-group",
"VpcSecurityGroupIds": ["sg-0123456789abcdef0"],
"VpcIdentifier": "vpc-0123456789abcdef0",
"PubliclyAccessible": true,
"KmsKeyArn": "arn:aws:kms:us-east-1:012345678901:key/01234567-89ab-cdef-0123-456789abcdef",
"InstanceProfileName": "my-instance-profile",
"Description": "Description",
"NetworkType": "DUAL",
"Tags": [
{
"Key": "access",
"Value": "authorizedusers"
}
]
}
Example
This example illustrates one usage of CreateInstanceProfile.
Sample Response
{
InstanceProfileName: "testConfigIdentifier1",
Description: "A description",
InstanceProfileCreationTime: "2023-02-20T14:12:30Z",
InstanceProfileArn: "arn:aws:dms:us-east-1:012345678901:instance-profile:resourceId",
AvailabilityZone: "us-east-1a",
VpcIdentifier: "vpc-cd8c41a9",
SubnetGroupIdentifier: ["myGroup"],
VpcSecurityGroups: ["sg-5475435"],
KmsKeyArn: "arn:aws:kms:us-east-1:012345678901:key/abcdefg-0123-4567-89ab-cdef01234567",
EncryptionContext: [
{
Key: "aws:servicename:id",
Value: "redshift"
},
{
Key: "aws:redshift:integration:arn",
Value: "arn:aws:rds:us-east-1:122333444:integration/0123456789012"
}
],
NetworkType: "DUAL|IPv4",
PubliclyAccessible: true
}
See Also
For more information about using this API in one of the language-specific Amazon SDKs, see the following: