AWS::DynamoDB::Table - AWS CloudFormation (original) (raw)
The AWS::DynamoDB::Table resource creates a DynamoDB table. For more information, see CreateTable in the Amazon DynamoDB API Reference.
You should be aware of the following behaviors when working with DynamoDB tables:
- AWS CloudFormation typically creates DynamoDB tables in parallel. However, if your template includes multiple DynamoDB tables with indexes, you must declare dependencies so that the tables are created sequentially. Amazon DynamoDB limits the number of tables with secondary indexes that are in the creating state. If you create multiple tables with indexes at the same time, DynamoDB returns an error and the stack operation fails. For an example, see DynamoDB Table with a DependsOn Attribute.
Important
Our guidance is to use the latest schema documented for your AWS CloudFormation templates. This schema supports the provisioning of all table settings below. When using this schema in your AWS CloudFormation templates, please ensure that your Identity and Access Management (IAM) policies are updated with appropriate permissions to allow for the authorization of these setting changes.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{
"Type" : "AWS::DynamoDB::Table",
"Properties" : {
"AttributeDefinitions" : [ AttributeDefinition, ... ],
"BillingMode" : String,
"ContributorInsightsSpecification" : ContributorInsightsSpecification,
"DeletionProtectionEnabled" : Boolean,
"GlobalSecondaryIndexes" : [ GlobalSecondaryIndex, ... ],
"ImportSourceSpecification" : ImportSourceSpecification,
"KeySchema" : [ KeySchema, ... ],
"KinesisStreamSpecification" : KinesisStreamSpecification,
"LocalSecondaryIndexes" : [ LocalSecondaryIndex, ... ],
"OnDemandThroughput" : OnDemandThroughput,
"PointInTimeRecoverySpecification" : PointInTimeRecoverySpecification,
"ProvisionedThroughput" : ProvisionedThroughput,
"ResourcePolicy" : ResourcePolicy,
"SSESpecification" : SSESpecification,
"StreamSpecification" : StreamSpecification,
"TableClass" : String,
"TableName" : String,
"Tags" : [ Tag, ... ],
"TimeToLiveSpecification" : TimeToLiveSpecification,
"WarmThroughput" : WarmThroughput
}
}
Properties
AttributeDefinitions
A list of attributes that describe the key schema for the table and indexes.
This property is required to create a DynamoDB table.
Update requires: Some interruptions. Replacement if you edit an existing AttributeDefinition.
Required: Conditional
Type: Array of AttributeDefinition
Update requires: No interruption
BillingMode
Specify how you are charged for read and write throughput and how you manage capacity.
Valid values include:
PAY_PER_REQUEST- We recommend usingPAY_PER_REQUESTfor most DynamoDB workloads.PAY_PER_REQUESTsets the billing mode to On-demand capacity mode.PROVISIONED- We recommend usingPROVISIONEDfor steady workloads with predictable growth where capacity requirements can be reliably forecasted.PROVISIONEDsets the billing mode to Provisioned capacity mode.
If not specified, the default is PROVISIONED.
Required: No
Type: String
Allowed values: PROVISIONED | PAY_PER_REQUEST
Update requires: No interruption
ContributorInsightsSpecification
The settings used to enable or disable CloudWatch Contributor Insights for the specified table.
Required: No
Type: ContributorInsightsSpecification
Update requires: No interruption
DeletionProtectionEnabled
Determines if a table is protected from deletion. When enabled, the table cannot be deleted by any user or process. This setting is disabled by default. For more information, see Using deletion protection in the Amazon DynamoDBDeveloper Guide.
Required: No
Type: Boolean
Update requires: No interruption
GlobalSecondaryIndexes
Global secondary indexes to be created on the table. You can create up to 20 global secondary indexes.
Important
If you update a table to include a new global secondary index, AWS CloudFormation initiates the index creation and then proceeds with the stack update. AWS CloudFormation doesn't wait for the index to complete creation because the backfilling phase can take a long time, depending on the size of the table. You can't use the index or update the table until the index's status is ACTIVE. You can track its status by using the DynamoDB DescribeTable command.
If you add or delete an index during an update, we recommend that you don't update any other resources. If your stack fails to update and is rolled back while adding a new index, you must manually delete the index.
Updates are not supported. The following are exceptions:
- If you update either the contributor insights specification or the provisioned throughput values of global secondary indexes, you can update the table without interruption.
- You can delete or add one global secondary index without interruption. If you do both in the same update (for example, by changing the index's logical ID), the update fails.
Required: No
Type: Array of GlobalSecondaryIndex
Update requires: No interruption
ImportSourceSpecification
Specifies the properties of data being imported from the S3 bucket source to the" table.
Important
If you specify the ImportSourceSpecification property, and also specify either the StreamSpecification, the TableClass property, theDeletionProtectionEnabled property, or the WarmThroughput property, the IAM entity creating/updating stack must have UpdateTable permission.
Required: No
Type: ImportSourceSpecification
Update requires: Replacement
KeySchema
Specifies the attributes that make up the primary key for the table. The attributes in the KeySchema property must also be defined in theAttributeDefinitions property.
Required: Yes
Update requires: Some interruptions
KinesisStreamSpecification
The Kinesis Data Streams configuration for the specified table.
Required: No
Type: KinesisStreamSpecification
Update requires: No interruption
LocalSecondaryIndexes
Local secondary indexes to be created on the table. You can create up to 5 local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes.
Required: No
Type: Array of LocalSecondaryIndex
Update requires: No interruption
OnDemandThroughput
Sets the maximum number of read and write units for the specified on-demand table. If you use this property, you must specify MaxReadRequestUnits,MaxWriteRequestUnits, or both.
Required: No
Type: OnDemandThroughput
Update requires: No interruption
PointInTimeRecoverySpecification
The settings used to enable point in time recovery.
Required: No
Type: PointInTimeRecoverySpecification
Update requires: No interruption
ProvisionedThroughput
Throughput for the specified table, which consists of values forReadCapacityUnits and WriteCapacityUnits. For more information about the contents of a provisioned throughput structure, see Amazon DynamoDB Table ProvisionedThroughput.
If you set BillingMode as PROVISIONED, you must specify this property. If you set BillingMode as PAY_PER_REQUEST, you cannot specify this property.
Required: Conditional
Type: ProvisionedThroughput
Update requires: No interruption
ResourcePolicy
A resource-based policy document that contains permissions to add to the specified table. In a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB. For more information about resource-based policies, see Using resource-based policies for DynamoDB and Resource-based policy examples.
When you attach a resource-based policy while creating a table, the policy creation is_strongly consistent_. For information about the considerations that you should keep in mind while attaching a resource-based policy, see Resource-based policy considerations.
Required: No
Type: ResourcePolicy
Update requires: No interruption
SSESpecification
Specifies the settings to enable server-side encryption.
Required: No
Type: SSESpecification
Update requires: Some interruptions
StreamSpecification
The settings for the DynamoDB table stream, which capture changes to items stored in the table.
Required: No
Type: StreamSpecification
Update requires: No interruption
TableClass
The table class of the new table. Valid values are STANDARD andSTANDARD_INFREQUENT_ACCESS.
Required: No
Type: String
Allowed values: STANDARD | STANDARD_INFREQUENT_ACCESS
Update requires: No interruption
TableName
A name for the table. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the table name. For more information, see Name Type.
Important
If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.
Required: No
Type: String
Minimum: 1
Maximum: 1024
Update requires: Replacement
Tags
An array of key-value pairs to apply to this resource.
For more information, see Tag.
Required: No
Type: Array of Tag
Update requires: No interruption
TimeToLiveSpecification
Specifies the Time to Live (TTL) settings for the table.
Note
For detailed information about the limits in DynamoDB, see Limits in Amazon DynamoDB in the Amazon DynamoDB Developer Guide.
Required: No
Type: TimeToLiveSpecification
Update requires: No interruption
WarmThroughput
Represents the warm throughput (in read units per second and write units per second) for creating a table.
Required: No
Type: WarmThroughput
Update requires: No interruption
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the resource name. For example:
{ "Ref": "myDynamoDBTable" }
For the resource with the logical ID myDynamoDBTable, Ref will return the DynamoDB table name.
For more information about using the Ref function, see Ref.
Fn::GetAtt
The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.
Arn
The Amazon Resource Name (ARN) of the DynamoDB table, such asarn:aws:dynamodb:us-east-2:123456789012:table/myDynamoDBTable.
StreamArn
The ARN of the DynamoDB stream, such asarn:aws:dynamodb:us-east-1:123456789012:table/testddbstack-myDynamoDBTable-012A1SL7SMP5Q/stream/2015-11-30T20:10:00.000.
Note
You must specify the StreamSpecification property to use this attribute.
Examples
- DynamoDB Table with Local and Secondary Indexes
- DynamoDB Table with a DependsOn Attribute
- DynamoDB Table with Application Auto Scaling
DynamoDB Table with Local and Secondary Indexes
The following sample creates a DynamoDB table with Album,Artist, Sales, NumberOfSongs as attributes. The primary key includes the Album attribute as the hash key andArtist attribute as the range key. The table also includes two global and one secondary index. For querying the number of sales for a given artist, the global secondary index uses the Sales attribute as the hash key and theArtist attribute as the range key.
For querying the sales based on the number of songs, the global secondary index uses the NumberOfSongs attribute as the hash key and theSales attribute as the range key.
For querying the sales of an album, the local secondary index uses the same hash key as the table but uses the Sales attribute as the range key.
JSON
{ "AWSTemplateFormatVersion" : "2010-09-09", "Resources" : {
"myDynamoDBTable" : { "Type" : "AWS::DynamoDB::Table", "Properties" : {
"AttributeDefinitions" : [ { "AttributeName" : "Album", "AttributeType" : "S" }, {
"AttributeName" : "Artist", "AttributeType" : "S" }, { "AttributeName" : "Sales",
"AttributeType" : "N" }, { "AttributeName" : "NumberOfSongs", "AttributeType" : "N" } ],
"KeySchema" : [ { "AttributeName" : "Album", "KeyType" : "HASH" }, { "AttributeName" :
"Artist", "KeyType" : "RANGE" } ], "ProvisionedThroughput" : { "ReadCapacityUnits" :
"5", "WriteCapacityUnits" : "5" }, "TableName" : "myTableName", "GlobalSecondaryIndexes"
: [{ "IndexName" : "myGSI", "KeySchema" : [ { "AttributeName" : "Sales", "KeyType" :
"HASH" }, { "AttributeName" : "Artist", "KeyType" : "RANGE" } ], "Projection" : {
"NonKeyAttributes" : ["Album","NumberOfSongs"], "ProjectionType" : "INCLUDE" },
"ProvisionedThroughput" : { "ReadCapacityUnits" : "5", "WriteCapacityUnits" : "5" } }, {
"IndexName" : "myGSI2", "KeySchema" : [ { "AttributeName" : "NumberOfSongs", "KeyType" :
"HASH" }, { "AttributeName" : "Sales", "KeyType" : "RANGE" } ], "Projection" : {
"NonKeyAttributes" : ["Album","Artist"], "ProjectionType" : "INCLUDE" },
"ProvisionedThroughput" : { "ReadCapacityUnits" : "5", "WriteCapacityUnits" : "5" } }],
"LocalSecondaryIndexes" :[{ "IndexName" : "myLSI", "KeySchema" : [ { "AttributeName" :
"Album", "KeyType" : "HASH" }, { "AttributeName" : "Sales", "KeyType" : "RANGE" } ],
"Projection" : { "NonKeyAttributes" : ["Artist","NumberOfSongs"], "ProjectionType" :
"INCLUDE" } }] } } } }YAML
AWSTemplateFormatVersion: "2010-09-09" Resources: myDynamoDBTable:
Type: AWS::DynamoDB::Table Properties: AttributeDefinitions: - AttributeName: "Album"
AttributeType: "S" - AttributeName: "Artist" AttributeType: "S" - AttributeName: "Sales"
AttributeType: "N" - AttributeName: "NumberOfSongs" AttributeType: "N" KeySchema: -
AttributeName: "Album" KeyType: "HASH" - AttributeName: "Artist" KeyType: "RANGE"
ProvisionedThroughput: ReadCapacityUnits: "5" WriteCapacityUnits: "5" TableName:
"myTableName" GlobalSecondaryIndexes: - IndexName: "myGSI" KeySchema: - AttributeName:
"Sales" KeyType: "HASH" - AttributeName: "Artist" KeyType: "RANGE" Projection:
NonKeyAttributes: - "Album" - "NumberOfSongs" ProjectionType: "INCLUDE"
ProvisionedThroughput: ReadCapacityUnits: "5" WriteCapacityUnits: "5" - IndexName:
"myGSI2" KeySchema: - AttributeName: "NumberOfSongs" KeyType: "HASH" - AttributeName:
"Sales" KeyType: "RANGE" Projection: NonKeyAttributes: - "Album" - "Artist"
ProjectionType: "INCLUDE" ProvisionedThroughput: ReadCapacityUnits: "5"
WriteCapacityUnits: "5" LocalSecondaryIndexes: - IndexName: "myLSI" KeySchema: -
AttributeName: "Album" KeyType: "HASH" - AttributeName: "Sales" KeyType: "RANGE"
Projection: NonKeyAttributes: - "Artist" - "NumberOfSongs" ProjectionType:
"INCLUDE"DynamoDB Table with a DependsOn Attribute
If you include multiple DynamoDB tables with indexes in a single template, you must include dependencies so that the tables are created sequentially. DynamoDB limits the number of tables with secondary indexes that are in the creating state. If you create multiple tables with indexes at the same time, DynamoDB returns an error and the stack operation fails.
The following sample assumes that the myFirstDDBTable table is declared in the same template as the mySecondDDBTable table, and both tables include a secondary index. The mySecondDDBTable table includes a dependency on the myFirstDDBTable table so that AWS CloudFormation creates the tables one at a time.
JSON
"mySecondDDBTable" : { "Type" : "AWS::DynamoDB::Table",
"DependsOn" : "myFirstDDBTable" , "Properties" : { "AttributeDefinitions" : [ {
"AttributeName" : "ArtistId", "AttributeType" : "S" }, { "AttributeName" : "Concert",
"AttributeType" : "S" }, { "AttributeName" : "TicketSales", "AttributeType" : "S" } ],
"KeySchema" : [ { "AttributeName" : "ArtistId", "KeyType" : "HASH" }, { "AttributeName"
: "Concert", "KeyType" : "RANGE" } ], "ProvisionedThroughput" : { "ReadCapacityUnits" :
{"Ref" : "ReadCapacityUnits"}, "WriteCapacityUnits" : {"Ref" : "WriteCapacityUnits"} },
"GlobalSecondaryIndexes" : [{ "IndexName" : "myGSI", "KeySchema" : [ { "AttributeName" :
"TicketSales", "KeyType" : "HASH" } ], "Projection" : { "ProjectionType" : "KEYS_ONLY"
}, "ProvisionedThroughput" : { "ReadCapacityUnits" : {"Ref" : "ReadCapacityUnits"},
"WriteCapacityUnits" : {"Ref" : "WriteCapacityUnits"} } }], "Tags": [ { "Key": "foo",
"Value": "bar" } ] } }YAML
mySecondDDBTable: Type: AWS::DynamoDB::Table DependsOn:
"myFirstDDBTable" Properties: AttributeDefinitions: - AttributeName: "ArtistId"
AttributeType: "S" - AttributeName: "Concert" AttributeType: "S" - AttributeName:
"TicketSales" AttributeType: "S" KeySchema: - AttributeName: "ArtistId" KeyType: "HASH"
- AttributeName: "Concert" KeyType: "RANGE" ProvisionedThroughput: ReadCapacityUnits:
Ref: "ReadCapacityUnits" WriteCapacityUnits: Ref: "WriteCapacityUnits"
GlobalSecondaryIndexes: - IndexName: "myGSI" KeySchema: - AttributeName: "TicketSales"
KeyType: "HASH" Projection: ProjectionType: "KEYS_ONLY" ProvisionedThroughput:
ReadCapacityUnits: Ref: "ReadCapacityUnits" WriteCapacityUnits: Ref:
"WriteCapacityUnits" Tags: - Key: foo Value: barDynamoDB Table with Application Auto Scaling
This example sets up Application Auto Scaling for aAWS::DynamoDB::Table resource. The template defines aTargetTrackingScaling scaling policy that scales up theWriteCapacityUnits throughput for the table.
JSON
{
"Resources": {
"DDBTable": {
"Type": "AWS::DynamoDB::Table",
"Properties": {
"AttributeDefinitions": [
{
"AttributeName": "ArtistId",
"AttributeType": "S"
},
{
"AttributeName": "Concert",
"AttributeType": "S"
},
{
"AttributeName": "TicketSales",
"AttributeType": "S"
}
],
"KeySchema": [
{
"AttributeName": "ArtistId",
"KeyType": "HASH"
},
{
"AttributeName": "Concert",
"KeyType": "RANGE"
}
],
"GlobalSecondaryIndexes": [
{
"IndexName": "GSI",
"KeySchema": [
{
"AttributeName": "TicketSales",
"KeyType": "HASH"
}
],
"Projection": {
"ProjectionType": "KEYS_ONLY"
},
"ProvisionedThroughput": {
"ReadCapacityUnits": 5,
"WriteCapacityUnits": 5
}
}
],
"ProvisionedThroughput": {
"ReadCapacityUnits": 5,
"WriteCapacityUnits": 5
}
}
},
"WriteCapacityScalableTarget": {
"Type": "AWS::ApplicationAutoScaling::ScalableTarget",
"Properties": {
"MaxCapacity": 15,
"MinCapacity": 5,
"ResourceId": { "Fn::Join": [
"/",
[
"table",
{ "Ref": "DDBTable" }
]
] },
"RoleARN": {
"Fn::GetAtt": ["ScalingRole", "Arn"]
},
"ScalableDimension": "dynamodb:table:WriteCapacityUnits",
"ServiceNamespace": "dynamodb"
}
},
"ScalingRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": [
"application-autoscaling.amazonaws.com"
]
},
"Action": [
"sts:AssumeRole"
]
}
]
},
"Path": "/",
"Policies": [
{
"PolicyName": "root",
"PolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"dynamodb:DescribeTable",
"dynamodb:UpdateTable",
"cloudwatch:PutMetricAlarm",
"cloudwatch:DescribeAlarms",
"cloudwatch:GetMetricStatistics",
"cloudwatch:SetAlarmState",
"cloudwatch:DeleteAlarms"
],
"Resource": "*"
}
]
}
}
]
}
},
"WriteScalingPolicy": {
"Type": "AWS::ApplicationAutoScaling::ScalingPolicy",
"Properties": {
"PolicyName": "WriteAutoScalingPolicy",
"PolicyType": "TargetTrackingScaling",
"ScalingTargetId": {
"Ref": "WriteCapacityScalableTarget"
},
"TargetTrackingScalingPolicyConfiguration": {
"TargetValue": 50.0,
"ScaleInCooldown": 60,
"ScaleOutCooldown": 60,
"PredefinedMetricSpecification": {
"PredefinedMetricType": "DynamoDBWriteCapacityUtilization"
}
}
}
}
}
}YAML
Resources:
DDBTable:
Type: AWS::DynamoDB::Table
Properties:
AttributeDefinitions:
-
AttributeName: "ArtistId"
AttributeType: "S"
-
AttributeName: "Concert"
AttributeType: "S"
-
AttributeName: "TicketSales"
AttributeType: "S"
KeySchema:
-
AttributeName: "ArtistId"
KeyType: "HASH"
-
AttributeName: "Concert"
KeyType: "RANGE"
GlobalSecondaryIndexes:
-
IndexName: "GSI"
KeySchema:
-
AttributeName: "TicketSales"
KeyType: "HASH"
Projection:
ProjectionType: "KEYS_ONLY"
ProvisionedThroughput:
ReadCapacityUnits: 5
WriteCapacityUnits: 5
ProvisionedThroughput:
ReadCapacityUnits: 5
WriteCapacityUnits: 5
WriteCapacityScalableTarget:
Type: AWS::ApplicationAutoScaling::ScalableTarget
Properties:
MaxCapacity: 15
MinCapacity: 5
ResourceId: !Join
- /
- - table
- !Ref DDBTable
RoleARN: !GetAtt ScalingRole.Arn
ScalableDimension: dynamodb:table:WriteCapacityUnits
ServiceNamespace: dynamodb
ScalingRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
-
Effect: "Allow"
Principal:
Service:
- application-autoscaling.amazonaws.com
Action:
- "sts:AssumeRole"
Path: "/"
Policies:
-
PolicyName: "root"
PolicyDocument:
Version: "2012-10-17"
Statement:
-
Effect: "Allow"
Action:
- "dynamodb:DescribeTable"
- "dynamodb:UpdateTable"
- "cloudwatch:PutMetricAlarm"
- "cloudwatch:DescribeAlarms"
- "cloudwatch:GetMetricStatistics"
- "cloudwatch:SetAlarmState"
- "cloudwatch:DeleteAlarms"
Resource: "*"
WriteScalingPolicy:
Type: AWS::ApplicationAutoScaling::ScalingPolicy
Properties:
PolicyName: WriteAutoScalingPolicy
PolicyType: TargetTrackingScaling
ScalingTargetId: !Ref WriteCapacityScalableTarget
TargetTrackingScalingPolicyConfiguration:
TargetValue: 50.0
ScaleInCooldown: 60
ScaleOutCooldown: 60
PredefinedMetricSpecification:
PredefinedMetricType: DynamoDBWriteCapacityUtilization