DMS replication instance should not be publicly accessible
Description
AWS Database Migration Service (AWS DMS) is a service for migrating relational databases, data warehouses, NoSQL databases and other data stores. DMS can be used to migrate data into the AWS Cloud, between on-premises instances, or between combinations of cloud and on-premises environments.
An AWS DMS replication instance can have one public IP address and one private IP address, just like an Amazon Elastic Compute Cloud (Amazon EC2) instance that has a public IP address. If you uncheck (disable) the box for Publicly accessible, then the replication instance has only a private IP address.
Fix - Buildtime
Terraform
- Resource: aws_dms_replication_instance
- Argument: publicly_accessible - (Optional, Default: false) Specifies the accessibility options for the replication instance. A value of true represents an instance with a public IP address. A value of false represents an instance with a private IP address.
resource "aws_dms_replication_instance" "test" {
  ...
  allocated_storage = 20
+ publicly_accessible = false
}
CloudFormation
- Resource: AWS::DMS::ReplicationInstance
- Argument: Properties.PubliclyAccessible - (Optional, Default: false) Specifies the accessibility options for the replication instance. A value of true represents an instance with a public IP address. A value of false represents an instance with a private IP address.
Resources:
  ReplicationInstance:
    Type: AWS::DMS::ReplicationInstance
    Properties:
      ...
+     PubliclyAccessible: False
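
A build-time check for both fixes above, as an added example (not code from the original page or from AWS). It assumes the CloudFormation template is JSON loaded into a dict and the Terraform input is the output of `terraform show -json` for a plan file; the helper names and sample data are constructed for illustration.

```python
def status(value):
    """Classify a PubliclyAccessible / publicly_accessible value."""
    if value is None:
        return "unset"        # not declared: make the setting explicit
    if isinstance(value, dict):
        return "unresolved"   # CloudFormation intrinsic such as {"Ref": ...}
    if isinstance(value, str):
        value = value.strip().lower() == "true"
    return "public" if value else "private"

def check_cloudformation(template):
    """Map logical ID -> status for each AWS::DMS::ReplicationInstance."""
    return {
        name: status(res.get("Properties", {}).get("PubliclyAccessible"))
        for name, res in template.get("Resources", {}).items()
        if res.get("Type") == "AWS::DMS::ReplicationInstance"
    }

def check_terraform_plan(plan):
    """Map address -> status from `terraform show -json <planfile>` output."""
    found = {}
    def walk(module):
        for res in module.get("resources", []):
            if res.get("type") == "aws_dms_replication_instance":
                found[res["address"]] = status(res.get("values", {}).get("publicly_accessible"))
        for child in module.get("child_modules", []):
            walk(child)  # instances declared inside modules are checked too
    walk(plan.get("planned_values", {}).get("root_module", {}))
    return found

def failing(results):
    """Names that are not explicitly private."""
    return sorted(name for name, st in results.items() if st != "private")

# Constructed sample inputs (not from the original page).
DMS = "AWS::DMS::ReplicationInstance"
SAMPLE_CFN = {"Resources": {
    "PublicInstance": {"Type": DMS, "Properties": {"PubliclyAccessible": "true"}},
    "PrivateInstance": {"Type": DMS, "Properties": {"PubliclyAccessible": False}},
    "UnsetInstance": {"Type": DMS, "Properties": {"AllocatedStorage": 20}},
    "ParamInstance": {"Type": DMS, "Properties": {"PubliclyAccessible": {"Ref": "IsPublic"}}},
    "Bucket": {"Type": "AWS::S3::Bucket"},
}}
TF = "aws_dms_replication_instance"
SAMPLE_PLAN = {"planned_values": {"root_module": {
    "resources": [{"address": TF + ".test", "type": TF,
                   "values": {"allocated_storage": 20, "publicly_accessible": False}}],
    "child_modules": [{"resources": [{"address": "module.legacy." + TF + ".old", "type": TF,
                                      "values": {"publicly_accessible": True}}]}],
}}}

if __name__ == "__main__":
    print("CloudFormation:", failing(check_cloudformation(SAMPLE_CFN)))
    print("Terraform plan:", failing(check_terraform_plan(SAMPLE_PLAN)))
```

Treating "unset" and "unresolved" as failures forces every template to state the private setting explicitly, so the result does not depend on defaults or parameter values supplied at deploy time.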