CreateInstanceProfile
Creates the instance profile using the specified parameters.
Request Syntax
{
"AvailabilityZone": "string",
"Description": "string",
"InstanceProfileName": "string",
"KmsKeyArn": "string",
"NetworkType": "string",
"PubliclyAccessible": boolean,
"SubnetGroupIdentifier": "string",
"Tags": [
{
"Key": "string",
"ResourceArn": "string",
"Value": "string"
}
],
"VpcSecurityGroups": [ "string" ]
}Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- AvailabilityZone
-
The Availability Zone where the instance profile will be created. The default value is a random, system-chosen Availability Zone in the AWS Region where your data provider is created, for examplem
us-east-1d.Type: String
Required: No
- Description
-
A user-friendly description of the instance profile.
Type: String
Required: No
- InstanceProfileName
-
A user-friendly name for the instance profile.
Type: String
Required: No
- KmsKeyArn
-
The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the connection parameters for the instance profile.
If you don't specify a value for the
KmsKeyArnparameter, then AWS DMS uses your default encryption key.AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS Region.
Type: String
Required: No
- NetworkType
-
Specifies the network type for the instance profile. A value of
IPV4represents an instance profile with IPv4 network type and only supports IPv4 addressing. A value ofIPV6represents an instance profile with IPv6 network type and only supports IPv6 addressing. A value ofDUALrepresents an instance profile with dual network type that supports IPv4 and IPv6 addressing.Type: String
Required: No
- PubliclyAccessible
-
Specifies the accessibility options for the instance profile. A value of
truerepresents an instance profile with a public IP address. A value offalserepresents an instance profile with a private IP address. The default value istrue.Type: Boolean
Required: No
- SubnetGroupIdentifier
-
A subnet group to associate with the instance profile.
Type: String
Required: No
- Tags
-
One or more tags to be assigned to the instance profile.
Type: Array of Tag objects
Required: No
- VpcSecurityGroups
-
Specifies the VPC security group names to be used with the instance profile. The VPC security group must work with the VPC containing the instance profile.
Type: Array of strings
Required: No
Response Syntax
{
"InstanceProfile": {
"AvailabilityZone": "string",
"Description": "string",
"InstanceProfileArn": "string",
"InstanceProfileCreationTime": "string",
"InstanceProfileName": "string",
"KmsKeyArn": "string",
"NetworkType": "string",
"PubliclyAccessible": boolean,
"SubnetGroupIdentifier": "string",
"VpcSecurityGroups": [ "string" ]
}
}Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- InstanceProfile
-
The instance profile that was created.
Type: InstanceProfile object
Errors
For information about the errors that are common to all actions, see Common Errors.
- AccessDeniedFault
-
AWS DMS was denied access to the endpoint. Check that the role is correctly configured.
HTTP Status Code: 400
- FailedDependencyFault
-
A dependency threw an exception.
HTTP Status Code: 400
- InvalidResourceStateFault
-
The resource is in a state that prevents it from being used for database migration.
HTTP Status Code: 400
- KMSKeyNotAccessibleFault
-
AWS DMS cannot access the KMS key.
HTTP Status Code: 400
- ResourceAlreadyExistsFault
-
The resource you are attempting to create already exists.
HTTP Status Code: 400
- ResourceNotFoundFault
-
The resource could not be found.
HTTP Status Code: 400
- ResourceQuotaExceededFault
-
The quota for this resource quota has been exceeded.
HTTP Status Code: 400
- S3AccessDeniedFault
-
Insufficient privileges are preventing access to an Amazon S3 object.
HTTP Status Code: 400
- S3ResourceNotFoundFault
-
A specified Amazon S3 bucket, bucket folder, or other object can't be found.
HTTP Status Code: 400
Examples
Creating a replication subnet group
Before you create an instance profile, you must create a replication subnet group. The following example demonstrates creating a replication subnet group using the CreateReplicationSubnetGroup action:
Sample Request
{
"ReplicationSubnetGroupIdentifier": "your-subnet-group",
"ReplicationSubnetGroupDescription": "Your subnet group description",
"SubnetIds": [
"subnet-0123EXAMPLE456789", "subnet-012EXAMPLE3456789"
]
}Creating an instance profile
The following example demonstrates creating an instance profile with the CreateInstanceProfile action:
Sample Request
{
"SubnetGroupIdentifier": "my-subnet-group",
"VpcSecurityGroupIds": ["sg-0123456789abcdef0"],
"VpcIdentifier": "vpc-0123456789abcdef0",
"PubliclyAccessible": true,
"KmsKeyArn": "arn:aws:kms:us-east-1:012345678901:key/01234567-89ab-cdef-0123-456789abcdef",
"InstanceProfileName": "my-instance-profile",
"Description": "Description",
"NetworkType": "DUAL",
"Tags": [
{
"Key": "access",
"Value": "authorizedusers"
}
]
}Example
This example illustrates one usage of CreateInstanceProfile.
Sample Response
{
InstanceProfileName: "testConfigIdentifier1",
Description: "A description",
InstanceProfileCreationTime: "2023-02-20T14:12:30Z",
InstanceProfileArn: "arn:aws:dms:us-east-1:012345678901:instance-profile:resourceId",
AvailabilityZone: "us-east-1a",
VpcIdentifier: "vpc-cd8c41a9",
SubnetGroupIdentifier: ["myGroup"],
VpcSecurityGroups: ["sg-5475435"],
KmsKeyArn: "arn:aws:kms:us-east-1:012345678901:key/abcdefg-0123-4567-89ab-cdef01234567",
EncryptionContext: [
{
Key: "aws:servicename:id",
Value: "redshift"
},
{
Key: "aws:redshift:integration:arn",
Value: "arn:aws:rds:us-east-1:122333444:integration/0123456789012"
}
],
NetworkType: "DUAL|IPv4",
PubliclyAccessible: true
}See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
