AWS DMS S3 端点 SSE-KMS(InvalidParameterCombinationException)
AWS DMS S3 Endpoint SSE-KMS (InvalidParameterCombinationException)
正在尝试使用 Lambda/Boto3 修改端点。
根据文档:
response = client.modify_endpoint(
EndpointArn='string',
S3Settings={
'EncryptionMode': 'sse-s3'|'sse-kms',
'ServerSideEncryptionKmsKeyId': 'string',
}
但是,当我设置 'sse-kms' 并传递我的 KeyID 时,我收到此错误:
[ERROR] ClientError: An error occurred
(InvalidParameterCombinationException) when calling the ModifyEndpoint
operation: Only SSE_S3 encryption mode supported. Traceback (most
recent call last): File "/var/task/main.py", line 16, in main
response = client.modify_endpoint( File "/var/runtime/botocore/client.py", line 316, in _api_call
return self._make_api_call(operation_name, kwargs) File "/var/runtime/botocore/client.py", line 635, in _make_api_call
raise error_class(parsed_response, operation_name)
这是我的完整 Lambda:
def main(event,context):
client = boto3.client('dms')
response = client.modify_endpoint(
EndpointArn = 'arn:aws:dms:us-east-1:123456789012:endpoint:xxxxxxxxxxxxxxxxxxxxxxxxxxxx',
ExtraConnectionAttributes = 'cdcPath=undefined',
S3Settings = {
'CompressionType': 'none',
'DataFormat': 'parquet',
'EncryptionMode': 'sse-kms',
'ServerSideEncryptionKmsKeyId': 'arn:aws:kms:us-east-1:772631637424:key/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx'
}
)
看起来您已经创建或您现有的端点 EncryptionMode 设置为 SSE_S3。根据 this 文档,您无法将 SSE_S3 更改为 SSE_KMS。
对于 ModifyEndpoint 操作,您可以将 EncryptionMode 参数的现有值从 SSE_KMS 更改为 SSE_S3。但是您不能将现有值从 SSE_S3 更改为 SSE_KMS。
正在尝试使用 Lambda/Boto3 修改端点。
根据文档:
response = client.modify_endpoint(
EndpointArn='string',
S3Settings={
'EncryptionMode': 'sse-s3'|'sse-kms',
'ServerSideEncryptionKmsKeyId': 'string',
}
但是,当我设置 'sse-kms' 并传递我的 KeyID 时,我收到此错误:
[ERROR] ClientError: An error occurred (InvalidParameterCombinationException) when calling the ModifyEndpoint operation: Only SSE_S3 encryption mode supported. Traceback (most recent call last): File "/var/task/main.py", line 16, in main response = client.modify_endpoint( File "/var/runtime/botocore/client.py", line 316, in _api_call return self._make_api_call(operation_name, kwargs) File "/var/runtime/botocore/client.py", line 635, in _make_api_call raise error_class(parsed_response, operation_name)
这是我的完整 Lambda:
def main(event,context):
client = boto3.client('dms')
response = client.modify_endpoint(
EndpointArn = 'arn:aws:dms:us-east-1:123456789012:endpoint:xxxxxxxxxxxxxxxxxxxxxxxxxxxx',
ExtraConnectionAttributes = 'cdcPath=undefined',
S3Settings = {
'CompressionType': 'none',
'DataFormat': 'parquet',
'EncryptionMode': 'sse-kms',
'ServerSideEncryptionKmsKeyId': 'arn:aws:kms:us-east-1:772631637424:key/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx'
}
)
看起来您已经创建或您现有的端点 EncryptionMode 设置为 SSE_S3。根据 this 文档,您无法将 SSE_S3 更改为 SSE_KMS。
对于 ModifyEndpoint 操作,您可以将 EncryptionMode 参数的现有值从 SSE_KMS 更改为 SSE_S3。但是您不能将现有值从 SSE_S3 更改为 SSE_KMS。