-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathdynamo-table.tf
71 lines (61 loc) · 1.57 KB
/
dynamo-table.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
resource "aws_dynamodb_table" "data_table" {
name = "${local.prefix}-${var.data_table_basename}"
billing_mode = "PAY_PER_REQUEST"
hash_key = "HASH_KEY"
range_key = "SORT_KEY"
attribute {
name = "HASH_KEY"
type = "S"
}
attribute {
name = "SORT_KEY"
type = "N"
}
tags = {
Name = "${local.prefix}/dynamo"
}
}
resource aws_dynamodb_table_item "data_table_item" {
count = 3
table_name = aws_dynamodb_table.data_table.name
hash_key = aws_dynamodb_table.data_table.hash_key
range_key = aws_dynamodb_table.data_table.range_key
item = jsonencode(
{
(aws_dynamodb_table.data_table.hash_key) : {
"S": tostring(local.prefix)
},
(aws_dynamodb_table.data_table.range_key) : {
"N": tostring(format("%d",count.index + 1))
},
"DATA" : {
"S": tostring(format(" ${local.prefix} data %06d ", count.index + 1))
},
})
depends_on = [aws_dynamodb_table.data_table]
}
resource aws_iam_policy "data_table_policy" {
name = "${local.prefix}-${var.data_table_basename}-policy"
policy = jsonencode({
"Version" : "2012-10-17",
"Statement" : [
{
"Sid": "AccessDataTable",
"Effect": "Allow",
"Action": [
"dynamodb:List*",
"dynamodb:BatchGet*",
"dynamodb:DescribeTable",
"dynamodb:Get*",
"dynamodb:Query",
"dynamodb:Scan",
"dynamodb:ConditionCheckItem",
],
"Resource": [aws_dynamodb_table.data_table.arn,]
}
],
})
tags = {
Name = "${local.prefix}/policy"
}
}