Updated on 2023-05-31 GMT+08:00

DMS for Kafka Request Conditions

Request conditions are useful for fine tuning when a custom policy takes effect. A request condition consists of a condition key and operator. Condition keys are either global or service-level and are used in the Condition element of a policy statement. Global condition keys (starting with g:) are available for operations of all services, while service-level condition keys (starting with a service name such as dms:) are available only for operations of a specific service. An operator must be used together with a condition key to form a complete condition statement.

DMS for Kafka has a group of predefined condition keys that can be used in IAM. For example, to define an "Allow" permission, you can use the condition key dms:ssl to check whether SASL is enabled for a Kafka instance. The following table lists the predefined condition keys of DMS for Kafka.

Table 1 Predefined condition keys of DMS for Kafka

Condition Key

Operator

Description

dms:publicIP

Bool

IsNullOrEmpty

BoolIfExists

Whether public access is enabled

dms:ssl

Bool

IsNullOrEmpty

BoolIfExists

Whether SASL is enabled