Add CloudFormation template for DynamoDB

2024-05-11 05:55:04 +00:00 · 2018-12-02 19:39:03 -08:00
parent 9e5fa38dcf
commit b92564d8d7
2 changed files with 90 additions and 2 deletions
--- a/cf/podsync.yaml
+++ b/cf/podsync.yaml
@@ -0,0 +1,88 @@
+AWSTemplateFormatVersion: "2010-09-09"
+Parameters:
+  Prefix:
+    Type: String
+    Default: "Prod"
+    MinLength: 1
+    Description: "Prefix to be added to all resources"
+Outputs:
+  AccessKey:
+    Description: "DO user access key"
+    Value: !Ref DOUserKey
+  AccessSecret:
+    Description: "DO user secret key"
+    Value: !GetAtt DOUserKey.SecretAccessKey
+Resources:
+  FeedsTable:
+    Type: AWS::DynamoDB::Table
+    Properties:
+      TableName: !Sub "${Prefix}_Feeds"
+      BillingMode: "PROVISIONED"
+      AttributeDefinitions:
+        - AttributeName: "HashID"
+          AttributeType: "S"
+        - AttributeName: "UserID"
+          AttributeType: "S"
+        - AttributeName: "CreatedAt"
+          AttributeType: "N"
+      KeySchema:
+        - AttributeName: "HashID"
+          KeyType: "HASH"
+      GlobalSecondaryIndexes:
+        - IndexName: "UserID-HashID-Index"
+          KeySchema:
+            - AttributeName: "UserID"
+              KeyType: "HASH"
+            - AttributeName: "CreatedAt"
+              KeyType: "RANGE"
+          Projection:
+            ProjectionType: "KEYS_ONLY"
+          ProvisionedThroughput:
+            ReadCapacityUnits: 1
+            WriteCapacityUnits: 1
+      ProvisionedThroughput:
+        ReadCapacityUnits: 10
+        WriteCapacityUnits: 5
+      TimeToLiveSpecification:
+        AttributeName: "ExpirationTime"
+        Enabled: true
+  PledgesTable:
+    Type: AWS::DynamoDB::Table
+    Properties:
+      TableName: !Sub "${Prefix}_Pledges"
+      BillingMode: "PROVISIONED"
+      AttributeDefinitions:
+        - AttributeName: "PatronID"
+          AttributeType: "N"
+      KeySchema:
+        - AttributeName: "PatronID"
+          KeyType: "HASH"
+      ProvisionedThroughput:
+        ReadCapacityUnits: 1
+        WriteCapacityUnits: 1
+  DOUser:
+    Type: AWS::IAM::User
+    DependsOn:
+      - FeedsTable
+      - PledgesTable
+    Properties:
+      Policies:
+        - PolicyName: "DynamoAccess"
+          PolicyDocument:
+            Version: "2012-10-17"
+            Statement:
+              - Effect: Allow
+                Action:
+                  - "dynamodb:ListTables"
+                  - "dynamodb:GetItem"
+                  - "dynamodb:Query"
+                  - "dynamodb:PutItem"
+                  - "dynamodb:UpdateItem"
+                Resource:
+                  - !GetAtt FeedsTable.Arn
+                  - !GetAtt PledgesTable.Arn
+  DOUserKey:
+    Type: AWS::IAM::AccessKey
+    DependsOn: DOUser
+    Properties:
+      UserName: !Ref DOUser
--- a/pkg/storage/dynamo.go
+++ b/pkg/storage/dynamo.go
@@ -47,11 +47,11 @@ Pledges:
 Feeds:
 	Table name:         Feeds
 	Primary key:        HashID (String)
+	RCU:                10
+	WCU:                5
 	Secondary index:
 		Primary key:    UserID (String)
 		Sort key:       HashID (String)
-		RCU:            10
-		WCU:            5
 		Index name:     UserID-HashID-Index
 		Projected attr: Keys only
 		RCU/WCU:        1/1