Scribd
Upload
73 views23 pages

AWS DMS Lab Setup Instructions

This document provides instructions for students to set up the prerequisite environment for an AWS Database Migration Service (DMS) lab. It includes creating a VPC, subnets, security groups, an S3 bucket, and IAM roles using an AWS CloudFormation template. The template will create the necessary infrastructure and students should note the output values for the S3 bucket name and IAM roles to use in the main DMS lab.

Uploaded by

cruizp1308
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
73 views23 pages

AWS DMS Lab Setup Instructions

This document provides instructions for students to set up the prerequisite environment for an AWS Database Migration Service (DMS) lab. It includes creating a VPC, subnets, security groups, an S3 bucket, and IAM roles using an AWS CloudFormation template. The template will create the necessary infrastructure and students should note the output values for the S3 bucket name and IAM roles to use in the main DMS lab.

Uploaded by

cruizp1308
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd

Amazon Web Services

Data Engineering Immersion Day


Database Migration Services Student Setup Instructions
November 2019

1
Table of Contents
Introduction............................................................................................................................2
Create the Student Environment.............................................................................................3
Appendix: AWS CloudFormation Template............................................................................4

1
Database Migration Services Instructor Environment for the Lab

Introduction
This guide helps students set up the pre-environment for the AWS Database Migration Service
(AWS DMS) lab.

AWS DMS required source and destination as shown below:

Your instructor will provide you source database details during main lab to configure source
endpoint. If you ran instructor lab to setup your own instance of Postgre database then use
instance endpoint from instructor lab.

In this lab, you will complete the following pre-requisite using AWS CloudFormation template
deployment:

1. Create required VPC setup for AWS DMS instance.


2. Create Amazon S3 bucket for destination end point configuration.
3. Create required Amazon S3 bucket policy to put data by AWS DMS service.
4. Create Glue Service Role to use in later hands-on workshop.

2
Database Migration Services Instructor Environment for the Lab

Create the Student Environment


***Make sure you select the us-east-1 (Virginia) region***

1. Sign in to the AWS console where you will host the student environment.
2. Navigate to the AWS CloudFormation page.
3. Launch a new stack with the AWS CloudFormation template
DMSlab_student_CFN_addedRole.json provided with your lab package. Alternatively,
You can follow instruction in Appendix : AWS CloudFormation Template to create AWS
CloudFormation template for this lab.
a. (If this is not a new environment, the stack may fail if the role “dms-vpc-role”
already exists. If it does, use DMSlab_student_CFN.json template instead.)

4. Launch the stack. It may take up to 5 minutes for the stack to launch.

5. Click in the Output tab and take note of value for BucketName , GlueLabRole and
DMSLabRoleS3 , which you are going to use in future labs.

3
Database Migration Services Instructor Environment for the Lab

Also take note of resource tab where you have information regarding VPC , Subnet etc.

Begin the main AWS DMS lab after the stack is launched.

Appendix: AWS CloudFormation Template


The AWS CloudFormation template is below. This template only works in the us-east-1
region.

DMSlab_student_CFN.json

{
"AWSTemplateFormatVersion": "2010-09-09",
"Outputs": {
"DMSLabRoleS3": {
"Description": "The DMS serivce role",

4
Database Migration Services Instructor Environment for the Lab

"Value": {
"Ref": "DMSLabRoleS3"
}
},
"GlueLabRole": {
"Description": "The Glue service role",
"Value": {
"Ref": "GlueLabRole"
}
},
"BucketName" : {
"Description" : "S3 Bucket that was created" ,
"Value" : {
"Ref" : "DMSLabS3Bucket"
}
}
},
"Resources": {
"dmslabstudentvpc": {
"Type": "AWS::EC2::VPC",
"Properties": {
"CidrBlock": "[Link]/24",
"InstanceTenancy": "default",
"EnableDnsSupport": "true",
"EnableDnsHostnames": "false",
"Tags": [
{
"Key": "Name",
"Value": "dmslstudv1"
}
]
}
},
"dmslabstudentsubnet1": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"CidrBlock": "[Link]/26",
"AvailabilityZone": "us-east-1a",
"VpcId": {
"Ref": "dmslabstudentvpc"
},
"Tags": [
{
"Key": "Name",
"Value": "dmslstudv1"
}

5
Database Migration Services Instructor Environment for the Lab

]
}
},
"dmslabstudentsubnet2": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"CidrBlock": "[Link]/26",
"AvailabilityZone": "us-east-1c",
"VpcId": {
"Ref": "dmslabstudentvpc"
},
"Tags": [
{
"Key": "Name",
"Value": "dmslstudv1"
}
]
}
},
"dmslabstudentsubnet3": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"CidrBlock": "[Link]/26",
"AvailabilityZone": "us-east-1b",
"VpcId": {
"Ref": "dmslabstudentvpc"
},
"Tags": [
{
"Key": "Name",
"Value": "dmslstudv1"
}
]
}
},
"dmslabstudentigw": {
"Type": "AWS::EC2::InternetGateway",
"Properties": {
"Tags": [
{
"Key": "Name",
"Value": "DMSLab-IGW"
}
]
}
},

6
Database Migration Services Instructor Environment for the Lab

"dopt1b68e47c": {
"Type": "AWS::EC2::DHCPOptions",
"Properties": {
"DomainName": "[Link]",
"DomainNameServers": [
"AmazonProvidedDNS"
]
}
},
"dmslabstudentacl": {
"Type": "AWS::EC2::NetworkAcl",
"Properties": {
"VpcId": {
"Ref": "dmslabstudentvpc"
}
}
},
"dmslabstudentrtable": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "dmslabstudentvpc"
}
}
},
"sgdefault": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "default VPC security group",
"VpcId": {
"Ref": "dmslabstudentvpc"
}
}
},
"acl1": {
"Type": "AWS::EC2::NetworkAclEntry",
"Properties": {
"CidrBlock": "[Link]/0",
"Egress": "true",
"Protocol": "-1",
"RuleAction": "allow",
"RuleNumber": "100",
"NetworkAclId": {
"Ref": "dmslabstudentacl"
}
}

7
Database Migration Services Instructor Environment for the Lab

},
"acl2": {
"Type": "AWS::EC2::NetworkAclEntry",
"Properties": {
"CidrBlock": "[Link]/0",
"Protocol": "-1",
"RuleAction": "allow",
"RuleNumber": "100",
"NetworkAclId": {
"Ref": "dmslabstudentacl"
}
}
},
"subnetacl1": {
"Type": "AWS::EC2::SubnetNetworkAclAssociation",
"Properties": {
"NetworkAclId": {
"Ref": "dmslabstudentacl"
},
"SubnetId": {
"Ref": "dmslabstudentsubnet3"
}
}
},
"subnetacl2": {
"Type": "AWS::EC2::SubnetNetworkAclAssociation",
"Properties": {
"NetworkAclId": {
"Ref": "dmslabstudentacl"
},
"SubnetId": {
"Ref": "dmslabstudentsubnet1"
}
}
},
"subnetacl3": {
"Type": "AWS::EC2::SubnetNetworkAclAssociation",
"Properties": {
"NetworkAclId": {
"Ref": "dmslabstudentacl"
},
"SubnetId": {
"Ref": "dmslabstudentsubnet2"
}
}
},

8
Database Migration Services Instructor Environment for the Lab

"gw1": {
"Type": "AWS::EC2::VPCGatewayAttachment",
"Properties": {
"VpcId": {
"Ref": "dmslabstudentvpc"
},
"InternetGatewayId": {
"Ref": "dmslabstudentigw"
}
}
},
"subnetroute1": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"RouteTableId": {
"Ref": "dmslabstudentrtable"
},
"SubnetId": {
"Ref": "dmslabstudentsubnet1"
}
}
},
"subnetroute3": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"RouteTableId": {
"Ref": "dmslabstudentrtable"
},
"SubnetId": {
"Ref": "dmslabstudentsubnet3"
}
}
},
"subnetroute4": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"RouteTableId": {
"Ref": "dmslabstudentrtable"
},
"SubnetId": {
"Ref": "dmslabstudentsubnet2"
}
}
},
"route1": {
"Type": "AWS::EC2::Route",

9
Database Migration Services Instructor Environment for the Lab

"Properties": {
"DestinationCidrBlock": "[Link]/0",
"RouteTableId": {
"Ref": "dmslabstudentrtable"
},
"GatewayId": {
"Ref": "dmslabstudentigw"
}
},
"DependsOn": "gw1"
},
"dchpassoc1": {
"Type": "AWS::EC2::VPCDHCPOptionsAssociation",
"Properties": {
"VpcId": {
"Ref": "dmslabstudentvpc"
},
"DhcpOptionsId": {
"Ref": "dopt1b68e47c"
}
}
},
"ingress1": {
"Type": "AWS::EC2::SecurityGroupIngress",
"Properties": {
"GroupId": {
"Ref": "sgdefault"
},
"IpProtocol": "-1",
"SourceSecurityGroupId": {
"Ref": "sgdefault"
},
"SourceSecurityGroupOwnerId": "105763911922"
}
},
"egress1": {
"Type": "AWS::EC2::SecurityGroupEgress",
"Properties": {
"GroupId": {
"Ref": "sgdefault"
},
"IpProtocol": "-1",
"CidrIp": "[Link]/0"
}
},
"DMSLabS3Bucket": {

10
Database Migration Services Instructor Environment for the Lab

"Type": "AWS::S3::Bucket"
},
"DMSLabS3Policy": {
"Type": "AWS::IAM::Policy",
"Properties": {
"PolicyName": "DMSLabS3Policy",
"PolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:GetObject",
"s3:PutObject",
"s3:DeleteObject"
],
"Resource": [
{
"Fn::Join": [
"",
[
{
"Fn::GetAtt": [
"DMSLabS3Bucket",
"Arn"
]
},
"/*"
]
]
}
]
},
{
"Effect": "Allow",
"Action": [
"s3:ListBucket"
],
"Resource": [
{
"Fn::GetAtt": [
"DMSLabS3Bucket",
"Arn"
]
}
]

11
Database Migration Services Instructor Environment for the Lab

}
]
},
"Roles": [
{
"Ref": "DMSLabRoleS3"
},
{
"Ref": "GlueLabRole"
}
]
}
},
"DMSLabRoleS3": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": [
"[Link]"
]
},
"Action": [
"sts:AssumeRole"
]
}
]
},
"Path": "/"
}
},
"GlueLabRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": [
"[Link]"

12
Database Migration Services Instructor Environment for the Lab

]
},
"Action": [
"sts:AssumeRole"
]
}
]
},
"Path": "/service-role/",
"ManagedPolicyArns": [
"arn:aws:iam::aws:policy/service-role/AWSGlueServiceRole"
]
}
}
}
}

DMSlab_student_CFN_addedRole.json

{
"AWSTemplateFormatVersion": "2010-09-09",
"Outputs": {
"DMSLabRoleS3": {
"Description": "The DMS serivce role",
"Value": {
"Ref": "DMSLabRoleS3"
}
},
"GlueLabRole": {
"Description": "The Glue service role",
"Value": {
"Ref": "GlueLabRole"
}
},
"BucketName" : {
"Description" : "S3 Bucket that was created" ,
"Value" : {
"Ref" : "DMSLabS3Bucket"
}
}
},
"Resources": {
"dmslabstudentvpc": {

13
Database Migration Services Instructor Environment for the Lab

"Type": "AWS::EC2::VPC",
"Properties": {
"CidrBlock": "[Link]/24",
"InstanceTenancy": "default",
"EnableDnsSupport": "true",
"EnableDnsHostnames": "false",
"Tags": [
{
"Key": "Name",
"Value": "dmslstudv1"
}
]
}
},
"dmslabstudentsubnet1": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"CidrBlock": "[Link]/26",
"AvailabilityZone": "us-east-1a",
"VpcId": {
"Ref": "dmslabstudentvpc"
},
"Tags": [
{
"Key": "Name",
"Value": "dmslstudv1"
}
]
}
},
"dmslabstudentsubnet2": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"CidrBlock": "[Link]/26",
"AvailabilityZone": "us-east-1c",
"VpcId": {
"Ref": "dmslabstudentvpc"
},
"Tags": [
{
"Key": "Name",
"Value": "dmslstudv1"
}
]

14
Database Migration Services Instructor Environment for the Lab

}
},
"dmslabstudentsubnet3": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"CidrBlock": "[Link]/26",
"AvailabilityZone": "us-east-1b",
"VpcId": {
"Ref": "dmslabstudentvpc"
},
"Tags": [
{
"Key": "Name",
"Value": "dmslstudv1"
}
]
}
},
"dmslabstudentigw": {
"Type": "AWS::EC2::InternetGateway",
"Properties": {
"Tags": [
{
"Key": "Name",
"Value": "DMSLab-IGW"
}
]
}
},
"dopt1b68e47c": {
"Type": "AWS::EC2::DHCPOptions",
"Properties": {
"DomainName": "[Link]",
"DomainNameServers": [
"AmazonProvidedDNS"
]
}
},
"dmslabstudentacl": {
"Type": "AWS::EC2::NetworkAcl",
"Properties": {
"VpcId": {
"Ref": "dmslabstudentvpc"
}

15
Database Migration Services Instructor Environment for the Lab

}
},
"dmslabstudentrtable": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "dmslabstudentvpc"
}
}
},
"sgdefault": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "default VPC security group",
"VpcId": {
"Ref": "dmslabstudentvpc"
}
}
},
"acl1": {
"Type": "AWS::EC2::NetworkAclEntry",
"Properties": {
"CidrBlock": "[Link]/0",
"Egress": "true",
"Protocol": "-1",
"RuleAction": "allow",
"RuleNumber": "100",
"NetworkAclId": {
"Ref": "dmslabstudentacl"
}
}
},
"acl2": {
"Type": "AWS::EC2::NetworkAclEntry",
"Properties": {
"CidrBlock": "[Link]/0",
"Protocol": "-1",
"RuleAction": "allow",
"RuleNumber": "100",
"NetworkAclId": {
"Ref": "dmslabstudentacl"
}
}
},

16
Database Migration Services Instructor Environment for the Lab

"subnetacl1": {
"Type": "AWS::EC2::SubnetNetworkAclAssociation",
"Properties": {
"NetworkAclId": {
"Ref": "dmslabstudentacl"
},
"SubnetId": {
"Ref": "dmslabstudentsubnet3"
}
}
},
"subnetacl2": {
"Type": "AWS::EC2::SubnetNetworkAclAssociation",
"Properties": {
"NetworkAclId": {
"Ref": "dmslabstudentacl"
},
"SubnetId": {
"Ref": "dmslabstudentsubnet1"
}
}
},
"subnetacl3": {
"Type": "AWS::EC2::SubnetNetworkAclAssociation",
"Properties": {
"NetworkAclId": {
"Ref": "dmslabstudentacl"
},
"SubnetId": {
"Ref": "dmslabstudentsubnet2"
}
}
},
"gw1": {
"Type": "AWS::EC2::VPCGatewayAttachment",
"Properties": {
"VpcId": {
"Ref": "dmslabstudentvpc"
},
"InternetGatewayId": {
"Ref": "dmslabstudentigw"
}
}
},

17
Database Migration Services Instructor Environment for the Lab

"subnetroute1": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"RouteTableId": {
"Ref": "dmslabstudentrtable"
},
"SubnetId": {
"Ref": "dmslabstudentsubnet1"
}
}
},
"subnetroute3": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"RouteTableId": {
"Ref": "dmslabstudentrtable"
},
"SubnetId": {
"Ref": "dmslabstudentsubnet3"
}
}
},
"subnetroute4": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"RouteTableId": {
"Ref": "dmslabstudentrtable"
},
"SubnetId": {
"Ref": "dmslabstudentsubnet2"
}
}
},
"route1": {
"Type": "AWS::EC2::Route",
"Properties": {
"DestinationCidrBlock": "[Link]/0",
"RouteTableId": {
"Ref": "dmslabstudentrtable"
},
"GatewayId": {
"Ref": "dmslabstudentigw"
}
},

18
Database Migration Services Instructor Environment for the Lab

"DependsOn": "gw1"
},
"dchpassoc1": {
"Type": "AWS::EC2::VPCDHCPOptionsAssociation",
"Properties": {
"VpcId": {
"Ref": "dmslabstudentvpc"
},
"DhcpOptionsId": {
"Ref": "dopt1b68e47c"
}
}
},
"ingress1": {
"Type": "AWS::EC2::SecurityGroupIngress",
"Properties": {
"GroupId": {
"Ref": "sgdefault"
},
"IpProtocol": "-1",
"SourceSecurityGroupId": {
"Ref": "sgdefault"
},
"SourceSecurityGroupOwnerId": "105763911922"
}
},
"egress1": {
"Type": "AWS::EC2::SecurityGroupEgress",
"Properties": {
"GroupId": {
"Ref": "sgdefault"
},
"IpProtocol": "-1",
"CidrIp": "[Link]/0"
}
},
"DMSLabS3Bucket": {
"Type": "AWS::S3::Bucket"
},
"DMSLabS3Policy": {
"Type": "AWS::IAM::Policy",
"Properties": {
"PolicyName": "DMSLabS3Policy",
"PolicyDocument": {

19
Database Migration Services Instructor Environment for the Lab

"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:GetObject",
"s3:PutObject",
"s3:DeleteObject"
],
"Resource": [
{
"Fn::Join": [
"",
[
{
"Fn::GetAtt": [
"DMSLabS3Bucket",
"Arn"
]
},
"/*"
]
]
}
]
},
{
"Effect": "Allow",
"Action": [
"s3:ListBucket"
],
"Resource": [
{
"Fn::GetAtt": [
"DMSLabS3Bucket",
"Arn"
]
}
]
}
]
},
"Roles": [
{

20
Database Migration Services Instructor Environment for the Lab

"Ref": "DMSLabRoleS3"
},
{
"Ref": "GlueLabRole"
},
{
"Ref": "DmsVpcRole"
}
]
}
},
"DMSLabRoleS3": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": [
"[Link]"
]
},
"Action": [
"sts:AssumeRole"
]
}
]
},
"Path": "/"
}
},
"GlueLabRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": [
"[Link]"

21
Database Migration Services Instructor Environment for the Lab

]
},
"Action": [
"sts:AssumeRole"
]
}
]
},
"Path": "/service-role/",
"ManagedPolicyArns": [
"arn:aws:iam::aws:policy/service-role/AWSGlueServiceRole"
]
}
},
"DmsVpcRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": [
"[Link]"
]
},
"Action": [
"sts:AssumeRole"
]
}
]
},
"RoleName" : "dms-vpc-role",
"Path": "/",
"ManagedPolicyArns": [
"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole"
]
}
}
}
}

22

You might also like