Sélectionner vos préférences de cookies

Nous utilisons des cookies essentiels et des outils similaires qui sont nécessaires au fonctionnement de notre site et à la fourniture de nos services. Nous utilisons des cookies de performance pour collecter des statistiques anonymes afin de comprendre comment les clients utilisent notre site et d’apporter des améliorations. Les cookies essentiels ne peuvent pas être désactivés, mais vous pouvez cliquer sur « Personnaliser » ou « Refuser » pour refuser les cookies de performance.

Si vous êtes d’accord, AWS et les tiers approuvés utiliseront également des cookies pour fournir des fonctionnalités utiles au site, mémoriser vos préférences et afficher du contenu pertinent, y compris des publicités pertinentes. Pour accepter ou refuser tous les cookies non essentiels, cliquez sur « Accepter » ou « Refuser ». Pour effectuer des choix plus détaillés, cliquez sur « Personnaliser ».

Préférences
Contactez-nous
Commentaire
AWS Documentation
Créer un compte AWS

Security group configuration for AWS DMS

PDF
RSS
Mode de mise au point
Security group configuration for AWS DMS - AWS Database Migration Service
Additional Considerations
Cette page n'a pas été traduite dans votre langue. Demande de traduction

Security group in AWS DMS must allow inbound and outbound connections for your replication instances on the appropriate database port. If you are using Amazon RDS, you must configure the security group between DMS and RDS for your instances.

You must perform the following steps:

Configure the RDS instance security group

  1. Navigate to the Amazon VPC console.

  2. In the navigation pane on the left under Security, select Security Groups.

  3. Select the RDS Security Group associated with your RDS instance.

  4. Edit the inbound rules:

    1. Click Actions and select Edit inbound rules.

    2. Click Add Rule to create a new rule.

    3. Configure the rule as follows:

      • Type: Select your database type (Example: MySQL/Aurora for port 3306, PostgreSQL for port 5432).

      • Protocol: This auto-populates based on your database type.

      • Port Range: this auto-populates based on your database type.

      • Source: Choose Custom, and paste the security group ID associated with your DMS instance. This allows traffic from any resource within that security group. You can also specify the IP range (CIDR block) of your DMS instance.

    4. Click Save rules.

Configure the DMS replication instance security group

  1. Navigate to the Amazon VPC console.

  2. In the navigation pane on the left under Security, select Security Groups.

  3. In the Security Group list find and select the security group associated with your DMS replication instance.

  4. Edit the outbound rules:

    1. Click Actions and select Edit outbound rules.

    2. Click Add Rule to create a new rule.

    3. Configure the rule as follows:

      • Type: Select your database type (Example: MySQL/Aurora, PostgreSQL).

      • Protocol: This auto-populates based on your database type.

      • Port Range: this auto-populates based on your database type.

      • Source: Choose Custom, and paste the security group ID associated with your RDS instance. This allows traffic from any resource within that security group. You can also specify the IP range (CIDR block) of your RDS instance.

    4. Click Save rules.

Additional Considerations

You must consider the following additional configuration information:

  • Use Security Group References: Referencing security groups in the source or destional instances allows for dynamic management and is more secure than using IP addresses as it automatically included all resources within the group.

  • Database Ports: Ensure you are using the correct port for your database.

  • Security Best Practices: Only open the necessary ports to minimize security risks. you must also regular review of your security group rules to ensure they meed your security standards and requirements.

Sur cette page

ConfidentialitéConditions d'utilisation du sitePréférences de cookies
© 2025, Amazon Web Services, Inc. ou ses affiliés. Tous droits réservés.