ERROR while Migrating data from AWS Aurora- MySQL to DynamoDB

Sharul Agrawal

unread,

May 15, 2019, 6:21:01 AM5/15/19

to Vault

Hi,

I am trying to use operator-migrate command to migrate existing vault data which is there in AWS Aurora MySQL RDS instance to DynamoDB.

Here is my migrate.hcl file:

storage_source "mysql" {

address = "<endpoint of rds instance>"

database = "t"

table = "vaultdata"

username = ""

max_parallel = "900"

password = ""

}

storage_destination "dynamodb" {

region = "eu-west-1"

table = "t_dynamodb"

}

First of all , Is this correct configuration?

Because I am getting "failed to check mysql" error as follows while running command



/ # vault operator migrate -config migrate.hcl
Error migrating: error mounting 'storage_source': failed to check mysql schema exist: dial tcp 10.12.6.204:3306: connect: connection timed out

PS: I am running vault as a container in openshift(running in EC2) which is in same VPC as AWS database and same security group.

Roman Eos

unread,

May 15, 2019, 6:52:20 AM5/15/19

to Vault

This looks like connectivity issue to mysql db "10.12.6.204:3306: connect: connection timed out"

Make sure that mysql is accessible by the address that you've configured.

Config looks good, but there are no credentials set for dynamodb storage in the config, I assume you set this as ENV vars.

среда, 15 мая 2019 г., 13:21:01 UTC+3 пользователь Sharul Agrawal написал:

Sharul Agrawal

unread,

May 15, 2019, 8:39:41 AM5/15/19

to Vault

I have added MySQL/Aurora as TCP rule in AWS security group also. Not sure what more to check

Becca Petrin

unread,

May 15, 2019, 6:13:12 PM5/15/19

to Vault

Hi Sharul,

Sounds like you've taken a look at the security group, which is great.

It would probably also be good to double-check whether, inside the container where you're running the migrate command, you can reach MySQL without going through Vault. I believe there's a "$ mysqladmin ping" command that can be used, though I'm not familiar with the details. Once that's working, I'd just double-check that Vault has the exact same parameters for reaching MySQL as you used successfully within the container.

-Becca

Sharul Agrawal

unread,

May 20, 2019, 6:54:24 AM5/20/19

to Vault

Thanks, it worked. There was minor IP address change in security groups.

Reply all

Reply to author

Forward