AWS DMS Terraform module
Upstream version 2.6.1
0 controls from Registry requirements
Terraform Module Source
registry.compliance.tf/terraform-aws-modules/dms/aws53 unique
| Name | Type | Default | Description |
|---|---|---|---|
| Optional | |||
access_iam_role_description | string | null | Description of the role |
access_iam_role_name | string | null | Name to use on IAM role created |
access_iam_role_path | string | null | IAM role path |
access_iam_role_permissions_boundary | string | null | ARN of the policy that is used to set the permissions boundary for the IAM role |
access_iam_role_policies | map(string) | {} | Map of IAM role policy ARNs to attach to the IAM role |
access_iam_role_tags | map(string) | {} | A map of additional tags to add to the IAM role created |
access_iam_role_use_name_prefix | bool | true | Determines whether the IAM role name (`access_iam_role_name`) is used as a prefix |
access_iam_statements | any | {} | A map of IAM policy [statements](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document#statement) for custom permission usage |
access_kms_key_arns | list(string) | [] | A list of KMS key ARNs the access IAM role is permitted to decrypt |
access_secret_arns | list(string) | [] | A list of SecretManager secret ARNs the access IAM role is permitted to access |
access_source_s3_bucket_arns | list(string) | [] | A list of S3 bucket ARNs the access IAM role is permitted to access |
access_target_dynamodb_table_arns | list(string) | [] | A list of DynamoDB table ARNs the access IAM role is permitted to access |
access_target_elasticsearch_arns | list(string) | [] | A list of Elasticsearch ARNs the access IAM role is permitted to access |
access_target_kinesis_arns | list(string) | [] | A list of Kinesis ARNs the access IAM role is permitted to access |
access_target_s3_bucket_arns | list(string) | [] | A list of S3 bucket ARNs the access IAM role is permitted to access |
certificates | map(any) | {} | Map of objects that define the certificates to be created |
create | bool | true | Determines whether resources will be created |
create_access_iam_role | bool | true | Determines whether the ECS task definition IAM role should be created |
create_access_policy | bool | true | Determines whether the IAM policy should be created |
create_iam_roles | bool | true | Determines whether the required [DMS IAM resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#CHAP_Security.APIRole) will be created |
create_repl_instance | bool | true | Indicates whether a replication instace should be created |
create_repl_subnet_group | bool | true | Determines whether the replication subnet group will be created |
enable_redshift_target_permissions | bool | false | Determines whether `redshift.amazonaws.com` is permitted access to assume the `dms-access-for-endpoint` role |
endpoints | any | {} | Map of objects that define the endpoints to be created |
event_subscription_timeouts | map(string) | {} | A map of timeouts for event subscription create/update/delete operations |
event_subscriptions | any | {} | Map of objects that define the event subscriptions to be created |
iam_role_permissions_boundary | string | null | ARN of the policy that is used to set the permissions boundary for the role |
iam_role_tags | map(string) | {} | A map of additional tags to apply to the DMS IAM roles |
repl_config_timeouts | map(string) | {} | A map of timeouts for serverless replication config create/update/delete operations |
repl_instance_allocated_storage | number | null | The amount of storage (in gigabytes) to be initially allocated for the replication instance. Min: 5, Max: 6144, Default: 50 |
repl_instance_allow_major_version_upgrade | bool | true | Indicates that major version upgrades are allowed |
repl_instance_apply_immediately | bool | null | Indicates whether the changes should be applied immediately or during the next maintenance window |
repl_instance_auto_minor_version_upgrade | bool | true | Indicates that minor engine upgrades will be applied automatically to the replication instance during the maintenance window |
repl_instance_availability_zone | string | null | The EC2 Availability Zone that the replication instance will be created in |
repl_instance_class | string | null | The compute and memory capacity of the replication instance as specified by the replication instance class |
repl_instance_engine_version | string | null | The [engine version](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_ReleaseNotes.html) number of the replication instance |
repl_instance_id | string | null | The replication instance identifier. This parameter is stored as a lowercase string |
repl_instance_kms_key_arn | string | null | The Amazon Resource Name (ARN) for the KMS key that will be used to encrypt the connection parameters |
repl_instance_multi_az | bool | null | Specifies if the replication instance is a multi-az deployment. You cannot set the `availability_zone` parameter if the `multi_az` parameter is set to `true` |
repl_instance_network_type | string | null | The type of IP address protocol used by a replication instance. Valid values: IPV4, DUAL |
repl_instance_preferred_maintenance_window | string | null | The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC) |
repl_instance_publicly_accessible | bool | null | Specifies the accessibility options for the replication instance |
repl_instance_subnet_group_id | string | null | An existing subnet group to associate with the replication instance |
repl_instance_tags | map(string) | {} | A map of additional tags to apply to the replication instance |
repl_instance_timeouts | map(string) | {} | A map of timeouts for replication instance create/update/delete operations |
repl_instance_vpc_security_group_ids | list(string) | null | A list of VPC security group IDs to be used with the replication instance |
repl_subnet_group_description | string | null | The description for the subnet group |
repl_subnet_group_name | string | null | The name for the replication subnet group. Stored as a lowercase string, must contain no more than 255 alphanumeric characters, periods, spaces, underscores, or hyphens |
repl_subnet_group_subnet_ids | list(string) | [] | A list of the EC2 subnet IDs for the subnet group |
repl_subnet_group_tags | map(string) | {} | A map of additional tags to apply to the replication subnet group |
replication_tasks | any | {} | Map of objects that define the replication tasks to be created |
s3_endpoints | any | {} | Map of objects that define the S3 endpoints to be created |
tags | map(string) | {} | A map of tags to use on all resources |