无法按照记录导入证书
Not able to import certificate as documented
我遵循了本页提到的所有步骤。
https://docs.aws.amazon.com/dms/latest/userguide/target.docdb.html
问题是 "import certificate" 按钮被禁用,我无法上传证书。
You can download the public key for Amazon DocumentDB as the rds-combined-ca-bundle.pem file from an AWS-hosted Amazon S3 bucket.
After you download this .pem file, you can import the file into AWS DMS as described following.
AWS Management Console
To import the public key (.pem) file
Open the AWS DMS console at https://console.aws.amazon.com/dms.
In the navigation pane, choose Certificates.
Choose Import certificate and do the following:
For Certificate identifier, enter a unique name for the certificate, for example docdb-cert.
For Import file, navigate to the location where you saved the .pem file.
When the settings are as you want them, choose Add new CA certificate.
这看起来像是权限问题。 official documentation 中有一条注释说:
If you are signed in as an AWS Identity and Access Management (IAM) user, you must have the appropriate permissions to access AWS DMS. For more information on the permissions required for database migration, see IAM Permissions Needed to Use AWS DMS
更具体地说:
The following section is required to allow the user to call AWS DMS API operations.
{
"Effect": "Allow",
"Action": "dms:*",
"Resource": "*"
}
此外,对于 MongoDB,确保您在创建端点时没有 select verify-ca 作为 SSL 模式——目前不支持它:https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.SSL.html
这是因为旧界面面临的 GUI 问题。 DMS首页有消息...
Try out the new look and feel of the DMS console We've heard your
feedback! We fixed a number of usability issues and improved the
overall look and feel. Try it out!
您需要点击"Try it out!" link然后上传证书。没有问题如下图
但是如果您继续使用旧的用户界面,您将由于浏览器故障而无法上传证书。
如您所见,"Add new CA certificate" 按钮保持禁用状态。不过我没有通过 AWS 命令行检查。
我遵循了本页提到的所有步骤。 https://docs.aws.amazon.com/dms/latest/userguide/target.docdb.html
问题是 "import certificate" 按钮被禁用,我无法上传证书。
You can download the public key for Amazon DocumentDB as the rds-combined-ca-bundle.pem file from an AWS-hosted Amazon S3 bucket.
After you download this .pem file, you can import the file into AWS DMS as described following.
AWS Management Console
To import the public key (.pem) file
Open the AWS DMS console at https://console.aws.amazon.com/dms.
In the navigation pane, choose Certificates.
Choose Import certificate and do the following:
For Certificate identifier, enter a unique name for the certificate, for example docdb-cert.
For Import file, navigate to the location where you saved the .pem file.
When the settings are as you want them, choose Add new CA certificate.
这看起来像是权限问题。 official documentation 中有一条注释说:
If you are signed in as an AWS Identity and Access Management (IAM) user, you must have the appropriate permissions to access AWS DMS. For more information on the permissions required for database migration, see IAM Permissions Needed to Use AWS DMS
更具体地说:
The following section is required to allow the user to call AWS DMS API operations.
{ "Effect": "Allow", "Action": "dms:*", "Resource": "*" }
此外,对于 MongoDB,确保您在创建端点时没有 select verify-ca 作为 SSL 模式——目前不支持它:https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.SSL.html
这是因为旧界面面临的 GUI 问题。 DMS首页有消息...
Try out the new look and feel of the DMS console We've heard your feedback! We fixed a number of usability issues and improved the overall look and feel. Try it out!
您需要点击"Try it out!" link然后上传证书。没有问题如下图
但是如果您继续使用旧的用户界面,您将由于浏览器故障而无法上传证书。
如您所见,"Add new CA certificate" 按钮保持禁用状态。不过我没有通过 AWS 命令行检查。