Creating source and target endpoints - Amazon Database Migration Service
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Creating source and target endpoints

You can create source and target endpoints when you create your replication instance or you can create endpoints after your replication instance is created. The source and target data stores can be on an Amazon Elastic Compute Cloud (Amazon EC2) instance, an Amazon Relational Database Service (Amazon RDS) DB instance, or an on-premises database. (Note that one of your endpoints must be on an Amazon service. You can't use Amazon DMS to migrate from an on-premises database to another on-premises database.)

The following procedure assumes that you have chosen the Amazon DMS console wizard. Note that you can also do this step by selecting Endpoints from the Amazon DMS console's navigation pane and then selecting Create endpoint. When using the console wizard, you create both the source and target endpoints on the same page. When not using the console wizard, you create each endpoint separately.

To specify source or target database endpoints using the Amazon console
  1. On the Connect source and target database endpoints page, specify your connection information for the source or target database. The following table describes the settings.

    For this option Do this

    Endpoint type

    Choose whether this endpoint is the source or target endpoint.

    Select RDS DB Instance

    Choose this option if the endpoint is an Amazon RDS DB instance.

    Endpoint identifier

    Type the name you want to use to identify the endpoint. You might want to include in the name the type of endpoint, such as oracle-source or PostgreSQL-target. The name must be unique for all replication instances.

    Source engine and Target engine

    Choose the type of database engine that is the endpoint.

    Access to endpoint database

    Choose the option you want to use to specify endpoint database credentials:

    Choose Amazon Secrets Manager Set the following secret credentials.

    Secret ID

    Type the full Amazon Resource Name (ARN), partial ARN, or friendly name of a secret that you have created in the Amazon Secrets Manager for endpoint database access.

    IAM role

    Type the ARN of a secret access role that you have created in IAM to provide Amazon DMS access on your behalf to the secret identified by Secret ID. For information about creating a secret access role, see Using secrets to access Amazon Database Migration Service endpoints.

    Secret ID for Oracle automatic storage management (ASM)

    (For Oracle source endpoints using Oracle ASM only) Type the full Amazon Resource Name (ARN), partial ARN, or friendly name of a secret that you have created in the Amazon Secrets Manager for Oracle ASM access. This secret is typically created to access Oracle ASM on the same server as the secret identified by Secret ID.

    IAM role for Oracle ASM

    (For Oracle source endpoints using Oracle ASM only) Type the ARN of a secret access role that you have created in IAM to provide Amazon DMS access on your behalf to the secret identified by Secret ID for Oracle automatic storage management (ASM).

    Provide access information manually Set the following clear-text credentials.

    Server name

    Type the server name. For an on-premises database, this can be the IP address or the public hostname. For an Amazon RDS DB instance, this can be the endpoint (also called the DNS name) for the DB instance, such as mysqlsrvinst.abcd12345678.us-west-2.rds.amazonaws.com.

    Port

    Type the port used by the database.

    Secure Socket Layer (SSL) mode

    Choose an SSL mode if you want to enable connection encryption for this endpoint. Depending on the mode you select, you might be asked to provide certificate and server certificate information.

    User name

    Type the user name with the permissions required to allow data migration. For information on the permissions required, see the security section for the source or target database engine in this user guide.

    Password

    Type the password for the account with the required permissions. Passwords for Amazon DMS source and target endpoints have character restrictions, depending on the database engine. For more information, see the following table.

    Database name

    For certain database engines, the name of the database you want to use as the endpoint database.

    The following table lists the unsupported characters in endpoint passwords and secret manager secrets for the listed database engines. If you want to use commas (,) in your endpoint passwords, use the Secrets Manager support provided in Amazon DMS to authenticate access to your Amazon DMS instances. For more information, see Using secrets to access Amazon Database Migration Service endpoints.

    For this database engine The following characters are unsupported in an endpoint password and secret manager secrets

    All

    { }

    Microsoft Azure, as a source only

    ;

    Microsoft SQL Server

    , ;

    MySQL-compatible, including MySQL, MariaDB, and Amazon Aurora MySQL

    ;
    Oracle ,

    PostgreSQL, Amazon Aurora PostgreSQL-Compatible Edition, and Amazon Aurora Serverless as a target only for Aurora PostgreSQL-Compatible Edition

    ; + %

    Amazon Redshift, as a target only

    , ;
  2. Choose Endpoint settings and Amazon KMS key if you need them. You can test the endpoint connection by choosing Run test. The following table describes the settings.

    For this option Do this

    Endpoint settings

    Select any additional connection parameters here. For more information about endpoint settings, see the documentation section for your Source engine or Target engine (specified in step 1).

    For an Oracle source endpoint that uses Oracle ASM, if you choose Provide access information manually in step 1, you might also need to type in endpoint setting to specify Oracle ASM user credentials. For more information on these Oracle ASM endpoint settings, see Using Oracle LogMiner or Amazon DMS Binary Reader for CDC.

    Amazon KMS key

    Choose the encryption key to use to encrypt replication storage and connection information. If you choose (Default) aws/dms, the default Amazon Key Management Service (Amazon KMS) key associated with your account and Amazon Region is used. For more information on using the encryption key, see Setting an encryption key and specifying Amazon KMS permissions.

    Test endpoint connection (optional)

    Add the VPC and replication instance name. To test the connection, choose Run test.