Custom roles for MySQL to Azure Database for MySQL migrations using Database Migration Service
This article explains how to set up a custom role for MySQL to Azure Database for MySQL migrations using DMS.
The role has no permission to create a new Database Migration Service and no permission to create a database migration project. Meaning the user assigned to the custom role will need to have an already created Database Migration Service and migration project under the assigned resource group. The user will then be able to create and run migration activities under the migration project.
{
"properties": {
"roleName": "DmsCustomRoleDemoforMySQL",
"description": "",
"assignableScopes": [
"/subscriptions/<DMSSubscription>/resourceGroups/<dmsServiceRG>"
],
"permissions": [
{
"actions": [
"Microsoft.DataMigration/locations/operationResults/read",
"Microsoft.DataMigration/locations/operationStatuses/read",
"Microsoft.DataMigration/services/read",
"Microsoft.DataMigration/services/stop/action",
"Microsoft.DataMigration/services/start/action",
"Microsoft.DataMigration/services/checkStatus/*",
"Microsoft.DataMigration/services/configureWorker/action",
"Microsoft.DataMigration/services/addWorker/action",
"Microsoft.DataMigration/services/removeWorker/action",
"Microsoft.DataMigration/services/updateAgentConfig/action",
"Microsoft.DataMigration/services/slots/read",
"Microsoft.DataMigration/services/projects/*",
"Microsoft.DataMigration/services/serviceTasks/read",
"Microsoft.DataMigration/services/serviceTasks/write",
"Microsoft.DataMigration/services/serviceTasks/delete",
"Microsoft.DataMigration/services/serviceTasks/cancel/action",
"Microsoft.DBforMySQL/flexibleServers/read",
"Microsoft.DBforMySQL/flexibleServers/databases/read",
"Microsoft.DBforMySQL/servers/read",
"Microsoft.DBforMySQL/servers/databases/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.DataMigration/skus/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
]
}
}
You can use either the Azure portal, AZ PowerShell, Azure CLI or Azure REST API to create the roles.
For more information, see the articles Create custom roles using the Azure portal and Azure custom roles.
Role assignment
To assign a role to users, open the Azure portal, perform the following steps:
Navigate to the resource, go to Access Control, and then scroll to find the custom roles you created.
Select the appropriate role, select the User, and then save the changes.
The user now appears listed on the Role assignments tab.
Next steps
- For information about Azure Database for MySQL - Flexible Server, see Overview - Azure Database for MySQL Flexible Server.
- For information about Azure Database Migration Service, see What is Azure Database Migration Service?.
- For information about known issues and limitations when migrating to Azure Database for MySQL - Flexible Server using DMS, see Known Issues With Migrations To Azure Database for MySQL - Flexible Server.
- For information about known issues and limitations when performing migrations using DMS, see Common issues - Azure Database Migration Service.
- For troubleshooting source database connectivity issues while using DMS, see article Issues connecting source databases.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for