Request Syntax Request Parameters Response Syntax Response Elements Errors Examples See Also

CreateInstanceProfile

Creates the instance profile using the specified parameters.

Request Syntax


{
   "AvailabilityZone": "string",
   "Description": "string",
   "InstanceProfileName": "string",
   "KmsKeyArn": "string",
   "NetworkType": "string",
   "PubliclyAccessible": boolean,
   "SubnetGroupIdentifier": "string",
   "Tags": [ 
      { 
         "Key": "string",
         "ResourceArn": "string",
         "Value": "string"
      }
   ],
   "VpcSecurityGroups": [ "string" ]
}

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

AvailabilityZone

The Availability Zone where the instance profile will be created. The default value is a random, system-chosen Availability Zone in the AWS Region where your data provider is created, for examplem us-east-1d.

Type: String

Required: No

Description

A user-friendly description of the instance profile.

Type: String

Required: No

InstanceProfileName

A user-friendly name for the instance profile.

Type: String

Required: No

KmsKeyArn

The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the connection parameters for the instance profile.

If you don't specify a value for the KmsKeyArn parameter, then AWS DMS uses an AWS owned encryption key to encrypt your resources.

Type: String

Required: No

NetworkType

Specifies the network type for the instance profile. A value of IPV4 represents an instance profile with IPv4 network type and only supports IPv4 addressing. A value of IPV6 represents an instance profile with IPv6 network type and only supports IPv6 addressing. A value of DUAL represents an instance profile with dual network type that supports IPv4 and IPv6 addressing.

Type: String

Required: No

PubliclyAccessible

Specifies the accessibility options for the instance profile. A value of true represents an instance profile with a public IP address. A value of false represents an instance profile with a private IP address. The default value is true.

Type: Boolean

Required: No

SubnetGroupIdentifier

A subnet group to associate with the instance profile.

Type: String

Required: No

Tags

One or more tags to be assigned to the instance profile.

Type: Array of Tag objects

Required: No

VpcSecurityGroups

Specifies the VPC security group names to be used with the instance profile. The VPC security group must work with the VPC containing the instance profile.

Type: Array of strings

Required: No

Response Syntax


{
   "InstanceProfile": { 
      "AvailabilityZone": "string",
      "Description": "string",
      "InstanceProfileArn": "string",
      "InstanceProfileCreationTime": "string",
      "InstanceProfileName": "string",
      "KmsKeyArn": "string",
      "NetworkType": "string",
      "PubliclyAccessible": boolean,
      "SubnetGroupIdentifier": "string",
      "VpcSecurityGroups": [ "string" ]
   }
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

InstanceProfile

The instance profile that was created.

Type: InstanceProfile object

Errors

For information about the errors that are common to all actions, see Common Error Types.

AccessDeniedFault

AWS DMS was denied access to the endpoint. Check that the role is correctly configured.

message

HTTP Status Code: 400

FailedDependencyFault

A dependency threw an exception.

HTTP Status Code: 400

InvalidResourceStateFault

The resource is in a state that prevents it from being used for database migration.

message

HTTP Status Code: 400

KMSKeyNotAccessibleFault

AWS DMS cannot access the KMS key.

message

HTTP Status Code: 400

ResourceAlreadyExistsFault

The resource you are attempting to create already exists.

message
resourceArn

HTTP Status Code: 400

ResourceNotFoundFault

The resource could not be found.

message

HTTP Status Code: 400

ResourceQuotaExceededFault

The quota for this resource quota has been exceeded.

message

HTTP Status Code: 400

S3AccessDeniedFault

Insufficient privileges are preventing access to an Amazon S3 object.

HTTP Status Code: 400

S3ResourceNotFoundFault

A specified Amazon S3 bucket, bucket folder, or other object can't be found.

HTTP Status Code: 400

Examples

Create an instance profile

The following example creates an instance profile.

Sample Request


POST / HTTP/1.1
Host: dms.<region>.<domain>
Content-Type: application/x-amz-json-1.1
Content-Length: <PayloadSizeBytes>
Authorization: AWS4-HMAC-SHA256 Credential=<Credential>, SignedHeaders=<SignedHeaders>, Signature=<Signature>
X-Amz-Date: <Date>
X-Amz-Target: AmazonDMSv20160101.CreateInstanceProfile
{
    "InstanceProfileName": "example-instance-profile",
    "Description": "Example instance profile for documentation",
    "SubnetGroupIdentifier": "example-replication-subnet-group",
    "VpcSecurityGroups": ["sg-0123456789abcdef0"],
    "KmsKeyArn": "arn:aws:kms:us-east-1:111122223333:key/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
    "NetworkType": "IPV4",
    "PubliclyAccessible": false
}

Sample Response


HTTP/1.1 200 OK
x-amzn-RequestId: <RequestId>
Content-Type: application/x-amz-json-1.1
Content-Length: <PayloadSizeBytes>
Date: <Date>
{
    "InstanceProfile": {
        "InstanceProfileArn": "arn:aws:dms:us-east-1:111122223333:instance-profile:EXAMPLEABCDEFGHIJKLMNOPQRS",
        "KmsKeyArn": "arn:aws:kms:us-east-1:111122223333:key/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
        "PubliclyAccessible": false,
        "NetworkType": "IPV4",
        "InstanceProfileName": "example-instance-profile",
        "Description": "Example instance profile for documentation",
        "InstanceProfileCreationTime": "2026-01-09T12:30:00.000000+00:00",
        "SubnetGroupIdentifier": "example-replication-subnet-group",
        "VpcSecurityGroups": [
            "sg-0123456789abcdef0"
        ]
    }
}