AWS Security ChangesHomeSearch

AWS dms documentation change

Service: dms · 2025-04-16 · Documentation low

File: dms/latest/userguide/CHAP_Source.PostgreSQL.md

Summary

Clarified that DMS requires SELECT permissions on all columns for consistent metadata

Security assessment

Explains permission requirements for data migration reliability, not security vulnerabilities

Diff

diff --git a/dms/latest/userguide/CHAP_Source.PostgreSQL.md b/dms/latest/userguide/CHAP_Source.PostgreSQL.md
index 93f4bbe53..df4362a8a 100644
--- a//dms/latest/userguide/CHAP_Source.PostgreSQL.md
+++ b//dms/latest/userguide/CHAP_Source.PostgreSQL.md
@@ -104 +104 @@ Before migrating data from a self-managed PostgreSQL source database, do the fol
-  * For full-load plus CDC tasks or CDC-only tasks, grant superuser permissions for the user account specified for the PostgreSQL source database. The user account needs superuser permissions to access replication-specific functions in the source. For full-load only tasks, the user account needs SELECT permissions on tables to migrate them.
+  * For full-load plus CDC tasks or CDC-only tasks, grant superuser permissions for the user account specified for the PostgreSQL source database. The user account needs superuser permissions to access replication-specific functions in the source. DMS user account needs SELECT permissions on all columns to migrate tables successfully. In the case of missing permissions on columns, DMS creates target table using regular DMS data type mappings which leads to metadata differences and task failures.