AWS dms documentation change
Summary
Clarified that DMS requires SELECT permissions on all columns for consistent metadata
Security assessment
Explains permission requirements for data migration reliability, not security vulnerabilities
Diff
diff --git a/dms/latest/userguide/CHAP_Source.PostgreSQL.md b/dms/latest/userguide/CHAP_Source.PostgreSQL.md index 93f4bbe53..df4362a8a 100644 --- a//dms/latest/userguide/CHAP_Source.PostgreSQL.md +++ b//dms/latest/userguide/CHAP_Source.PostgreSQL.md @@ -104 +104 @@ Before migrating data from a self-managed PostgreSQL source database, do the fol - * For full-load plus CDC tasks or CDC-only tasks, grant superuser permissions for the user account specified for the PostgreSQL source database. The user account needs superuser permissions to access replication-specific functions in the source. For full-load only tasks, the user account needs SELECT permissions on tables to migrate them. + * For full-load plus CDC tasks or CDC-only tasks, grant superuser permissions for the user account specified for the PostgreSQL source database. The user account needs superuser permissions to access replication-specific functions in the source. DMS user account needs SELECT permissions on all columns to migrate tables successfully. In the case of missing permissions on columns, DMS creates target table using regular DMS data type mappings which leads to metadata differences and task failures.